Have you ever wondered what exactly HIPAA stands for? Doctors often throw around this acronym without explaining its origins to their patients. HIPAA stands for Health Insurance Portability and Accountability Act, which was passed in 1966. This act protects your medical records along with other personal identifiers.
What is Covered under HIPAA?
HIPAA protects any type of personal identifier, including everything from your name and address to your driver’s license number and Internet Protocol (IP) address. When a medical professional signs a HIPAA compliance form, they agree to protect your identity and ensure your health information and medical records are not released to unauthorized individuals. Medical records or other identifiable documentation being disposed of must be shredded. If the paper is simply recycled or thrown away, the personal information may get into the wrong person’s hands, so shredding is imperative. If a medical professional takes your medical records to another facility, whether on a laptop or in physical form, the records must be kept in a locked case or under encryption to ensure their safety. By law, you must be informed of any information sharing, and you must give permission for any transfer of health information. Sharing information with direct family or friends is up to the doctor’s discretion. Spouses are generally given medical information, but only if it is relevant to the individual’s current care. Patients can sign a permission form to allow others to be informed of any changes in their health.
Who Must Follow HIPAA Laws?
Any doctor’s office or insurance company is required by law to follow HIPAA guidelines. Nurses, clinical staff, doctors, receptionists, and anyone else working with medical records must follow the guidelines. This includes any information passed along electronically or over the phone. This is why, when you call your insurance company, they must go through a series of steps to confirm your identity before relaying personal information. Any breach of the law can result in prison or fines up to 250,000 dollars. Those who do not have to follow HIPAA guidelines include your employer, state agencies, life insurers, and law enforcement agencies.
Test Your HIPAA Knowledge
- The following personal identifiers are protected under HIPAA: telephone number, social security number, and names of relatives. True or False
- Electronic identifiable health information is covered under HIPAA. True or False
- If a patient wishes to access their medical record, they need to provide a written request to their doctor. True or False
- If there is no expiration date on a signed authorization for release of medical records, it is technically invalid. True or False
- Doctors can discuss cases and review the medical records of patients not under their care. True or False
Other Acronyms to Know
PHI – Protected health information
EPHI – Electronic protected health information
UDE – Unique data elements
MR – Medical records
NPP – Notice of privacy practices
POS – Point of service
EOB – Explanation of benefits
COB – Coordination of benefits
PHR – Personal health record