The Rheumatologist
COVID-19 News
  • Connect with us:
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Feed
  • Home
  • Conditions
    • Rheumatoid Arthritis
    • SLE (Lupus)
    • Crystal Arthritis
      • Gout Resource Center
    • Spondyloarthritis
    • Osteoarthritis
    • Soft Tissue Pain
    • Scleroderma
    • Vasculitis
    • Systemic Inflammatory Syndromes
    • Guidelines
  • Resource Centers
    • Ankylosing Spondylitis Resource Center
    • Gout Resource Center
    • Rheumatoid Arthritis Resource Center
    • Systemic Lupus Erythematosus Resource Center
  • Drug Updates
    • Biologics & Biosimilars
    • DMARDs & Immunosuppressives
    • Topical Drugs
    • Analgesics
    • Safety
    • Pharma Co. News
  • Professional Topics
    • Ethics
    • Legal
    • Legislation & Advocacy
    • Career Development
      • Certification
      • Education & Training
    • Awards
    • Profiles
    • President’s Perspective
    • Rheuminations
  • Practice Management
    • Billing/Coding
    • Quality Assurance/Improvement
    • Workforce
    • Facility
    • Patient Perspective
    • Electronic Health Records
    • Apps
    • Information Technology
    • From the College
    • Multimedia
      • Audio
      • Video
  • Resources
    • Issue Archives
    • ACR Convergence
      • Systemic Lupus Erythematosus Resource Center
      • Rheumatoid Arthritis Resource Center
      • Gout Resource Center
      • Abstracts
      • Meeting Reports
      • ACR Convergence Home
    • American College of Rheumatology
    • ACR ExamRheum
    • Research Reviews
    • ACR Journals
      • Arthritis & Rheumatology
      • Arthritis Care & Research
      • ACR Open Rheumatology
    • Rheumatology Image Library
    • Treatment Guidelines
    • Rheumatology Research Foundation
    • Events
  • About Us
    • Mission/Vision
    • Meet the Authors
    • Meet the Editors
    • Contribute to The Rheumatologist
    • Subscription
    • Contact
  • Advertise
  • Search
You are here: Home / Articles / Up to Date with the HIPAA Privacy Rule

Up to Date with the HIPAA Privacy Rule

November 19, 2018 • By From the College

  • Tweet
  • Email
Print-Friendly Version / Save PDF
one photo; Nata-Lia / shutterstock.com

one photo; Nata-Lia / shutterstock.com

Throughout a patient’s lifetime, providers are entrusted with their most intimate and personal information, which they expect to be kept private and confidential. Unfortunately, the healthcare system can face serious implications if any part of a patient’s privacy or information is breached.

You Might Also Like
  • HIPAA Privacy Rules Bring New Enforcement Guidelines
  • Healthcare Providers Must Get Compliant with HIPAA Privacy Practices
  • Legal Updates: Healthcare Data Privacy and Security under HIPAA
Explore This Issue
November 2018
Also By This Author
  • Rheumatology Coding Corner Question: Prolonged Service without Direct Patient Contact, Part 2

Under the Health Information Portability & Accountability Act (HIPAA) and state laws healthcare providers are required to comply with very specific rules relating to patient rights and release of medical information. Under HIPAA, the Department of Health and Human Services (HHS) created national criteria for all health plans, providers and clearinghouses (also known as covered entities) as they relate to the use and disclosure of personally identifiable information that pertains to a patient’s privacy and personal health information.¹ The Privacy Rule also gives patients rights over their health information and the right to access their own medical records. Giving patients more accessibility allows consumers to have more control over their medical information, including how it is used by and distributed among healthcare providers and organizations.

ad goes here:advert-1
ADVERTISEMENT
SCROLL TO CONTINUE

Patient health information and any identifying information, in any medium or format, whether in files, email, audio, video or verbal communication, is protected under the Privacy Rule. The rule considers any of the following as private health information:

  • Name;
  • Date of birth or death;
  • Treatment dates or any other dates relating to patient’s illness or care;
  • Telephone number(s);
  • Address;
  • Email;
  • Social Security number;
  • Medical record numbers;
  • Photographs;
  • License/certification numbers;
  • Fingerprints; and
  • Any other unique identifying number or account number.

The HIPAA rules apply to all covered entities that electronically transmit any health information, particularly such transactions as billing, reimbursement for services or verification of insurance coverage. Practices should keep in mind that if vendors or outside organizations, known as business associates (BA), have access to protected health information (PHI), it is imperative to have a written BA agreement on file. The agreement must state how the patient health information will be used, disclosed and protected. The HIPAA Security Rule requires covered entities and business associates to implement policies and procedures regarding the disposal and reuse of hardware and electronic media containing PHI in electronic form (ePHI).² Improper disposal of electronic devices and media puts the information stored on such devices as computer equipment, desktops, laptops, tablets, copiers, servers, smartphones, hard drives, USB drives or any electronic storage device at risk for a potential breach.

ad goes here:advert-2
ADVERTISEMENT
SCROLL TO CONTINUE

Compliance is not an option; it is required. Employees are obligated to comply with their practice’s or organization’s privacy and security policies and procedures, because patients place their trust in medical practices to preserve the privacy of their sensitive and personal information. If practices or individuals choose not to follow the rules:

Pages: 1 2 | Single Page

Filed Under: From the College Tagged With: HIPAA, privacyIssue: November 2018

You Might Also Like:
  • HIPAA Privacy Rules Bring New Enforcement Guidelines
  • Healthcare Providers Must Get Compliant with HIPAA Privacy Practices
  • Legal Updates: Healthcare Data Privacy and Security under HIPAA
  • HHS Enforces Stricter Rules on HIPAA

American College of Rheumatology

Visit the official website for the American College of Rheumatology.

Visit the ACR »

Meeting Abstracts

Browse and search abstracts from the ACR Convergence and ACR/ARP Annual Meetings going back to 2012.

Visit the Abstracts site »

ACR Convergence

Don’t miss rheumatology’s premier scientific meeting for anyone involved in research or the delivery of rheumatologic care or services.

Visit the ACR Convergence site »

The Rheumatologist newsmagazine reports on issues and trends in the management and treatment of rheumatic diseases. The Rheumatologist reaches 11,500 rheumatologists, internists, orthopedic surgeons, nurse practitioners, physician assistants, nurses, and other healthcare professionals who practice, research, or teach in the field of rheumatology.

About Us / Contact Us / Advertise / Privacy Policy / Terms of Use

  • Connect with us:
  • Facebook
  • Twitter
  • LinkedIn
  • YouTube
  • Feed

Copyright © 2006–2021 American College of Rheumatology. All rights reserved.

ISSN 1931-3268 (print)
ISSN 1931-3209 (online)

loading Cancel
Post was not sent - check your email addresses!
Email check failed, please try again
Sorry, your blog cannot share posts by email.
This site uses cookies: Find out more.