HIPAA Privacy Information – 8 Permitted and Authorized Uses
The Privacy Rule of the Health Insurance Portability and Accountability Act (HIPAA) has to maintain a delicate balance so that sensitive information is well protected and at the same time to ensure that the required information is allowed to flow to make healthcare effective.
Following are some of the permitted and authorized circumstances where such information can be used and disclosed.
Permitted Uses and Disclosures
The covered entities must use their own code of ethics and better judgment while dealing with such information.
1. Individual: Covered entities must disclose your personal information to you whenever such data is requested and have to provide it within a specific time frame.
2. Treatment: The provisions of the law allow the data to be used for management and co-ordination between healthcare providers for related services or even for referrals and consultations between them.
3. Payment: Healthcare plans and providers can use data to seek reimbursement for any services provided to an individual. Health plans can furthermore use it for obtaining premium or while dispensing its duties towards providing benefit and coverage.
4. Incidental Cases: During the routine practices and communications in a healthcare environment some information may be disclosed incidentally. For example another patient of visitor overhearing a conversation or glancing at certain forms. The law does not take offence to such situations if the healthcare facility has adopted the necessary safeguards prescribed by the Act.
5. Public Interest: Your health information can be disclosed by covered entities if such data is required by government bodies, any matter pertaining to law including abuse, domestic violence and neglect, workers compensation entity and situations that are perceived as a threat to personal and public safety and health.
6. Limited Data Set: At times certain directly identifiable information may be removed from your file and the limited data set may be shared for the purpose of healthcare operation, research or public health. The recipients will however be required to sign an agreement and take sufficient measures to safeguard such information.
Authorized Uses and Disclosures
The following situations will require the covered entities to seek your consent in writing. These generally include information required for uses other than payment or treatment and those not allowed under the relevant HIPAA rules.
1. Psychotherapy Notes: A covered entity must obtain your authorization before information related to psychotherapy is disclosed. The only exception to such use without consent is when the entity uses them for their internal training, while providing defense during legal proceedings, in cases of investigation by authorities to ascertain compliance and for public safety reasons.
2. Marketing: Your personal information cannot be disclosed for selling you products or services and requires an authorization for any such usage. However, communication is not considered to be marketing when such information is used by a provider to inform about introduction of a new team or equipment or when the information is used for follow ups and reminders or reference to a specialist.
Healthcare is a very diverse industry and requires the rules to be comprehensive yet flexible enough to cover all scenarios in respect of providing quality services and maintaining sufficient privacy.
For more information, please visit our hipaa privacy website.
For more information, please visit our hipaa privacy website http://www.hipaaprivacyrule.com
Author Bio: For more information, please visit our hipaa privacy website.
Category: Advice
Keywords: health care organizations ,HIPAA,Health Insurance ,HIPAA Compliant,HIPAA Privacy Rule