Everyone who participates in the United States healthcare system as a patient, provider, business associate, or subcontractor either knows or should know about the Health Insurance Portability and Accountability Act of 1996, Pub. L. 104-191 (Aug. 21, 1996). Industry participants should also have implemented the requisite standards set out in the Privacy Rule, Security Rule, Breach Notification Rule, and the Health Information Technology for Economic and Clinical Health Act, Pub. L. 111-5 (Feb. 17, 2009).
HIPAA provides patients with fundamental rights to access, inspect, and obtain a copy of their health information for as long as the information is maintained by the healthcare provider, regardless of the date created, the format of the PHI, or where the PHI originated. In responding to these requests, providers should be aware of the requirements under the HIPAA Privacy Rule.
First Healthcare Compliance is excited to co-host the HIPAA Privacy and Security Summit with Delaware Law School at the Ruby R. Vale Moot Courtroom from 8:00 am until 5:00 pm on November 8, 2018.
Grant Elliott, President and CEO of Ostendio, discusses the basics of GDPR (General Data Protection Regulation) compliance for those in healthcare. Check out this Q and A session to learn more.
Healthcare compliance professionals frequently face confusing situations about sharing protected health information (PHI). The Health Insurance Portability and Accountability Act (HIPAA) supports the protection of privacy of medical records. However, even when a patient does not authorize sharing of his record, there are permitted uses and disclosures, such as for the purpose of treatment, payment, or healthcare operations (TPO).