What is HIPAA?
HIPAA is the Health Insurance Portability and Accountability Act. There are three main components to the regulations: transaction code sets, security and privacy. The privacy regulations went into effect on April 14, 2003, and mainly focus on protecting patient health information (PHI).
What is PHI?
Protected Health Information (PHI) is information that identifies a patient or links a patient to health care services received. They include personal identity, physical or mental health condition, type of care provided and payment of care.
How is Memorial Health System complying with HIPAA?
We already do a lot of things to protect patient information at Memorial, but are expanding on these policies and procedures. Every associate has received basic HIPAA training focusing on confidentiality. All staff received more information about specific policies and how to be compliant, including individual department training. It is mandatory that all associates complete training.
Who is responsible for following HIPAA guidelines?
Every Memorial Health Systems associate, all physicians, volunteers, and business associates must follow the regulations to protect patient information. There are criminal and civil penalties for non-compliance, such as significant fines, loss of employment and even imprisonment. We all have a responsibility to protect patient privacy.
How are things changing?
Memorial has always taken measures to ensure patient privacy. Many of the policies are an expansion of our current practices. It is everyone's responsibility to protect patient privacy.
What is the Privacy Notice?
A Privacy Notice has been created by Memorial Health Systems to explain to a patient how their information is used. During the regulation process, every patient will sign a form acknowledging receipt of the policy. The Privacy Notice is available in every waiting room/registration area and on our website. Posters are visible throughout the Hospital and at off-site locations. Click here to view our Privacy Notice
Can a patient restrict the use of their PHI?
Yes, there are times when patients can request a restriction of information. For example, patients can request that their information be excluded from the hospital directory. There are other situations when patients can complete a request form to restrict information from their record.
What other rights do patients have under HIPAA?
- Patients have the right to request an amendment to their medical record, through the Privacy Officer.
- Patients have the right to request a complete listing of disclosures made from their medical record, including mandatory state reporting. Requests for this accounting of disclosures should be referred to the Memorial Hospital's Health Information Services Department at 717-849-5306.
- Patients have the right to expect that only the minimum amount of information necessary will be shared for any requested purpose.
- Patients have a right to file a grievance with Memorial Hospital's Director of Quality.
|
