HIPAA

HIPAA stands for Health Insurance Portability and Accountability Act. In 1996 the US Congress authorized this to regulate the disclosure of a person’s health information. Privacy Rule defines how covered entities use individually-recognizable health information or the PHI (Personal Health Information). Covered entities' is a term often used in HIPAA-compliant guidelines. A covered entity can be a provider or insurance company. HIPAA laws are designed to simplify administrative side of the healthcare systems, standardize electronic data communications and protect /secure patients healthcare information.
All healthcare providers are required to comply with HIPAA privacy rule which may only use or disclose and individuals protected health information for treatment, payment or healthcare operations. The privacy rule protects all health information whether it’s spoken, written or electronic. This privacy rule gives patients control over the use of their health information, defines boundaries for the use/disclosure of health records by covered entities. It also holds violators accountable for violating the privacy of a patient’s healthcare information. In order to release a patient’s information a signed release signed by the patient is needed. The only time a release is not needed is when a subpoena, payment, sexual assault, or continuation of care is requested.
Protected health information covers patient charts, prescriptions, and test results, types of appointments, emails, billing records, phone calls and patient counseling conversations. While on the unit and conversing with other providers about the patient(s) keep voice level down and try to protect the information as much as possible. The three types of disclosures include internal use where patient’s information is used for treatment, scheduling or payment. Routine is when office personnel are making a specialist referral or prescription refills. Thirdly, is non-disclosure an example would