HIPAA PROVIDES PATIENTS WITH MORE RIGHTS?
As provided by the HIPAA privacy rule patients may:
Request an accounting of disclosures made of their health record
Request amendments to their health information
Access & copy their health information
Receive confidential communication about their health information
Restrict uses & disclosures of their health information.
Complain to your organization & to the Secretary of HHS
Privacy vs..Security?
Privacy: Patients right over the use and disclosure of Personal Health
Information (PHI).
When Shared
How Shared
Extent Shared
Security: Measures health care entities must take to protect access to Personal
Health Information (PHI).
prevent unauthorized breaches of privacy
ensure against loss of PHI
Major Components of Effective Privacy Policies?
These principles are also appropriate for organizations:
Openness. There should be a general practice of openness about practices and
policies with respect to personal information. Means should be available to
establish the existence and nature of personal information and the main
purposes of its use.
Purpose Specification. The purpose for collecting personal information should
be specified at the time of collection. Further uses should be limited to those
purposes.
Collection Limitation. The collection of personal information should be
obtained by lawful and fair means and with the knowledge and consent of the
subject. Only that information necessary for the stated purpose should be
collected, nothing more.
Use Limitation. Personal information should not be disclosed for secondary
purposes without the consent of the subject or by authority of law.
Individual Participation. Individuals should be allowed to inspect and correct
their personal information. Whenever possible, personal information should be
collected directly from the individual
