HIPAA And Confidentiality For Medical Professionals

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was developed to protect patients’ rights and confidentiality in a healthcare environment that is becoming increasingly more technologically advanced. These guidelines apply in every healthcare setting and to every patient. They refer to the sharing of all communications between other providers, families, friends and the media. A working knowledge of the HIPAA law will assist you in understanding your role in maintaining the confidentiality of your patient’s medical information.

HIPAA was enacted to cover three specific areas:

1. Insurance portability or the ability to move to another employer and be certain that insurance coverage will not be denied
2. Fraud enforcement and accountability
3. Administrative simplification

Insurance portability and fraud enforcement and accountability have been active since 1996; however, it took until April 2003 to enact administrative simplification. In January 2013, further amendments were made to HIPAA law, to further protect patient privacy, secure health information and enhance standards to improve privacy protections and security safeguards for consumer health data.

The final omnibus rule greatly enhances a patient’s privacy protections, provides individuals new rights to their health information, and strengthens the government’s ability to enforce the law. Administrative simplification refers to the guidelines that impact healthcare providers in the communications with other providers, families, friends and the media.

The overall intent of this act is to make it easier for the consumer to obtain seamless care, irrespective of the number of different providers they see; while still protecting the confidentiality and privacy of the patient.

Traditionally, ethical healthcare has always included the need to keep patients’ medical information confidential. However, the HIPAA has now legalized it and made it into something of a law that all healthcare professionals need to follow. Key provisions of HIPAA are embodied in three rules: the Privacy, Security, and Breach Notification or confidentiality rules, all of which are intended to protect the privacy and security of protected health information (PHI).

The Privacy Rule sets standards for the protection of PHI and gives patients important rights with respect to their health information. The Security Rule establishes safeguards that covered entities and their business associates must implement to protect the privacy, integrity, and security of electronic PHI. The Breach Notification Rule or confidentiality rule requires covered entities to notify affected individuals, the federal government, and in some cases, the media of a breach of unsecured PHI. The U.S. Department of Health and Human Services, Office for Civil Rights, enforces these three rules and provides guidance on complying with the rules.