Skip to content
10 Best Practices for Protecting Confidential Health Information Show
Home » Blog » 10 Best Practices for Protecting Confidential Health Information 10 Best Practices for Protecting Confidential Health InformationThis Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns,
set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile. Recent TweetsSign-up to get the latest news and update information. Don’t worry, we won’t send spam! This guidance remains in effect only to the extent that it is consistent with the court’s order in Ciox Health, LLC v. Azar, No. 18-cv-0040 (D.D.C. January 23, 2020), which may be found at
https://ecf.dcd.uscourts.gov/cgi-bin/show_public_doc?2018cv0040-51. More information about the order is available at https://www.hhs.gov/hipaa/court-order-right-of-access/index.html. Any provision within this guidance that has been vacated
by the Ciox Health decision is rescinded. Most of us believe that our medical and other health information is private and should be
protected, and we want to know who has this information. The Privacy Rule, a Federal law, gives you rights over your health information and sets rules and limits on who can look at and receive your health information. The Privacy Rule applies to all forms of individuals' protected health information, whether electronic, written, or oral. The Security Rule is a Federal law that requires security for health information in electronic form. HIPAA Right of Access VideosOCR has teamed up with the HHS Office of the National Coordinator for Health IT to create Your Health Information, Your Rights!, a series of three short, educational videos (in English and option for Spanish captions) to help you understand your right under HIPAA to access and receive a copy of your health information.
HIPAA Right of Access InfographicOCR has teamed up with the HHS Office of the National Coordinator for Health IT to create this one-page fact sheet, with illustrations, that provides an overall summary of your rights under HIPAA:
HIPAA General Fact Sheets
Who Must Follow These LawsWe call the entities that must follow the HIPAA regulations "covered entities." Covered entities include:
In addition, business associates of covered entities must follow parts of the HIPAA regulations. Often, contractors, subcontractors, and other outside persons and companies that are not employees of a covered entity will need to have access to your health information when providing services to the covered entity. We call these entities “business associates.” Examples of business associates include:
Covered entities must have contracts in place with their business associates, ensuring that they use and disclose your health information properly and safeguard it appropriately. Business associates must also have similar contracts with subcontractors. Business associates (including subcontractors) must follow the use and disclosure provisions of their contracts and the Privacy Rule, and the safeguard requirements of the Security Rule. Who Is Not Required to Follow These LawsMany organizations that have health information about you do not have to follow these laws. Examples of organizations that do not have to follow the Privacy and Security Rules include:
What Information Is Protected
How This Information Is Protected
What Rights Does the Privacy Rule Give Me over My Health Information?Health insurers and providers who are covered entities must comply with your right to:
You should get to know these important rights, which help you protect your health information. You can ask your provider or health insurer questions about your rights. Learn more about your health information privacy rights. Who Can Look at and Receive Your Health InformationThe Privacy Rule sets rules and limits on who can look at and receive your health information To make sure that your health information is protected in a way that does not interfere with your health care, your information can be used and shared:
Your health information cannot be used or shared without your written permission unless this law allows it. For example, without your authorization, your provider generally cannot:
Sign Up for the OCR Privacy Listserv Content created by Office for Civil Rights (OCR) How can you protect patient health information in the workplace?How Employees Can Prevent HIPAA Violations. Never Disclose Passwords or Share Login Credentials. ... . Never Leave Portable Devices or Documents Unattended. ... . Do Not Text Patient Information. ... . Don't Dispose of PHI with Regular Trash. ... . Never Access Patient Records Out of Curiosity. ... . Don't Take Medical Records with You When You Change Job.. What are the ways to protect personal health information?6 Ways To Protect Your Personal Health Information. Guard Your Personal Information. ... . Beware "Free" Medical Services. ... . Keep Accurate Medical Records. ... . Review Your Medical Bills. ... . Destroy Medical Records Before Throwing Them In The Trash. ... . Report Possible Fraud.. What are two ways to protect patient confidentiality?5 important ways to maintain patient confidentiality. Create thorough policies and confidentiality agreements. ... . Provide regular training. ... . Make sure all information is stored on secure systems. ... . No mobile phones. ... . Think about printing.. |