The Health Insurance Portability and Accountability Act (HIPAA) 1996 include two titles. Title one is related to protecting the rights of employees and their families if they lose or switch their jobs. Title two includes an Administrative Simplification provision which requires health care providers to have national standards in their health care transactions. Along with this, national identifiers are required for providers, health insurance plans, and employers. The Act takes into consideration the threat to the privacy of health information. Consequently, the Congress has included in the Act a Federal Privacy Protection for individually identifiable health information (HHS). Individuals between the ages of 12 to 18 have the right to protect their information from being given out to anyone else including parents of the patients. The act requires signatures from the patient as a permission to reveal information to a third party.
The HIPAA aims to protect the medical records of individuals and other personal health information. Information is protected by giving the patients greater control over their own medical records by setting boundaries on this information. Moreover, it has certain safeguards that have to be achieved by health care providers as a step towards protection of information. In the case of, the provider is unable to protect this information they would be held responsible along the lines of criminal penalties. The Act also assists patients in making decisions about how their medical records should be used and shared. This is done by informing individuals about how their records are being used. The use of information by a third-party is minimized, and the individuals have the right to get a copy of their medical information as and when they demand (HHS).
The nature of criminal and civil penalties would be imposed upon the covered entities or individuals if the HIPAA law is violated. While imposing civil penalties, the Secretary of the Department of Health and Human Services would judge the extent of harm caused by the violation and then charge a penalty accordingly. However, if the error is reversed within thirty days then the Secretary is unable to impose civil penalties. Covered entities and specified individuals include; health plans, health care clearinghouses, health care providers to use electronic means to transmit information, and medical prescription drug sponsors, directors, employees, or officers of the covered entities may be held liable for criminal penalties. If any of the aforementioned covered entities or specified individuals who knowingly obtain or disclose identifiable health information may face a fine of up to $50,000 (AMA). These consequences have instilled fear in people that limits the chances of privacy violation.
People know that they would be reprimanded and held responsible if they breach the security of the patient’s medical records. It ensures that health care organizations have a back-up of their information related to patient’s medical data. This means, that data cannot be lost or misplaced. Through the implementation of HIPAA and other similar laws it is ensured that individual’s right to privacy control is given importance and not ignored.
As an administrator, I would make sure that patients are well-versed with their rights. Formal forms and applications would have to be filled by patients, and that would clearly outline their rights of revealing their medical history to people other than themselves. If patients do not allow for their medical history to anyone else then, this should be respected by the relevant individuals. Furthermore, as an administrator I would also see that the third-party service provider which is outsourced by my organization should be trustworthy and should not have any previous records of security and privacy lapse.
References
HIPAA Violations and Enforcement. (n.d.). HIPAA Violations and Enforcement. Retrieved March 21, 2014, from http://www.ama-assn.org//ama/pub/physician-resources/solutions-managing-your-practice/coding-billing-insurance/hipaahealth-insurance-portability-accountability-act/hipaa-violations-enforcement.page
What does the HIPAA Privacy Rule do?. (n.d.). What does the HIPAA Privacy Rule do?. Retrieved March 23, 2014, from http://www.hhs.gov/hipaafaq/about/187.html
