Policies of HIPAA

HIPAA Policies and Procedures Medical Records privacy The Health Insurance Portability and Accountability Act (HIPAA) which is basically the federal law on medical privacy, which was made fully operational in 2003 is a measure to ensure that the information that the client shares with the health care facilities is given maximum privacy and security. The HIPAA does not have very strict measures against the access of the information by the patents themselves.

As long as the person can positively identify himself, then he will have access to the information that belongs to him. However, the restriction comes in when a second party wants to have access to your information. This has to be accompanied by an authorization form from HIPPA that must be signed by you as the owner of the information.

The parents of an individual under the age of 18 years are however allowed to access information freely about their child, but beyond that, they have to get the authorization from the owner of the information (Privacy Rights Clearinghouse/UCAN., 2011). The other people, though close to you but are not allowed to access your medical records are your spouse, lawyer, parents and any relative, unless with the official authority from you.

There are circumstances however that may warrant disclosure of Personal Health Information without prior notice to the individual neither the permission from the individual. There are twelve elements that may warrant such a move as below (7Health Care Tips, 2011); 1) As may be required by law-there could be courts order to that effect, a statute or regulation compliance. 2) The records could be needed for public health activities. 3).

The records could be used in solving cases regarding victims of abuse, neglect, or domestic violence hence the prior notice of the individual may not be required as this would be an investigation. 4) There could be Health oversight activities for instance the annual audits that may be allowed to use the personal information in the process of fulfilling that obligation. 5).

There are cases of Judicial and Administrative Proceedings that could be going on and to help process the case objectively such medical records could be needed and extracted without prior notice. 6). The records can also be accessed for the purpose of law enforcement by the enforcing officers hence the prior permission may not be much of a prerequisite to accessing the information. 7). In the situations of death, the health information may be used to help fast track the cause of death. 8).

The other reason could be for Cadaveric, Organ, Eye, or Tissue donation facilitation so as to be sure of the quality of the donated organs. 9). The records could also be accessed in the situation where there is an ongoing research. 10). The records could also be accessed and shared with CDC in the case where there is evident serious threat to health or safety of the person or the general public, especially in suspected outbreak of highly contagious infections or new diseases or even rare diseases. 11).

In the process of workers compensation. 12). In the case where doctor's office hospital is processing pay by your insurance company for services you received. The privacy rule, hence, requires that any covered entity do have a written policy as well as the procedure that is relevant in the implementation process of the policy. It is also the rule that the covered entity must train the workforce on the necessary policies and procedures so that the workforce is competent enough to perform their duties as regards the privacy rule.

The covered entity is also required to apply sufficient sanctions for the members of the workforce who go against the Privacy Rule or the procedures of the privacy policies. Bearing that the entity may switch to the electronic exchange system, there could be changes that require the entity to address such changes in the accessing, utilizing as well as disclosing the personal information. There is need for such adjustments to take care of the possible emerging non-compliance in.