HIPAA Privacy Rule

HIPAA Protecting patient's personal information is one of the most important functions of the HIPAA. As allotted by the U.S. Department of Health and Human Services, HIPAA is responsible for keeping patients' and other health care consumers' personal information as private as possible. Keeping in mind the motto of the HIPAA, Privacy Rule was introduced to protect a consumer's personally-identifiable health information pertaining to health care service from any unauthorized disclosure. The standards of Privacy Rule ensure that the healthcare organizations called "covered entities" properly use and disclose individual's health information. Within HHS, the Office for Civil Rights is responsible for executing and making obligatory the Privacy Rule with respect to voluntary compliance activities and civil money penalties.

What is Personally-Identifiable Health Information?

When information relates to a specific and identifiable individual, the information becomes personally identifiable health information. Information of the individual's past, present or future physical or mental health or condition, the provision of health care to the individual, or the past, present, or future payment for the provision of health care to the individual are personally identifiable health information.

In detail, the identifiable information includes the followings in any of the electronic, paper or oral formats:

  1. Prescription or notes made by the doctors or any other health care encounter information;
  2. Payment of bills;
  3. Documents of health care benefits;
  4. Claims of health care policies;
  5. Buying or cancelling a health plan;
  6. Payments of health plan premium;
  7. Referral certifications and authorization
What penalties apply to violations of privacy rule requirements?
As per the federal rule, civil penalties are $100 per violation however; penalties can increase in case of multiple violations taken place to a single individual. Civil penalties can be up to $25,000 per year, per person, per standard. Criminal penalties for violating privacy rule can amount to $250,000 fine and ten years in prison. In case of disclosing patient's information "knowingly and improperly" or getting information under "false pretenses " for financial gain or "malicious harm" calls for serious penalties.

ComplianceOnline with its effort to bring the knowledge related to Privacy Rules to the door step of your company has collaborated with many industry experts who have vast experience in implementing HIPAA compliant processes to do training on these regulations. Attend webinars related to HIPAA and help your team to gain knowledge on Privacy Rule.

HIPAA Basics: Introduction to the Privacy and Security Standards
HIPAA Privacy Standards: Beyond the Basics
Achieving HIPAA-Compliant Workforce Training
HIPAA Compliance and Workforce Training for Medical Practices