- Quick Start to Healthy Weight Loss
- Black Men Can Beat Prostate Cancer
- Health Screenings for Older Black Men
- Healthy Man of the Month for July 2016
- HIV Testing is HIV Prevention
- Your ‘Mental’ Endurance
- Bisexual Health Priorities
- Entertainment CEO DonJuan Clark
- New Drug Helps Men with Melanoma
- ‘Really, Really Messed Up My Life’
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Public Law 104-191, was enacted on August 21, 1996. Sections 261 through 264 of HIPAA require the Secretary of HHS to publicize standards for the electronic exchange, privacy and security of health information. Collectively these are known as the Administrative Simplification provisions.
The HIPAA Privacy Rule provides federal protections for individually identifiable health information held by covered entities and their business associates and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of health information needed for patient care and other important purposes.
KNOW THE FACTS
When you see a doctor, check in to a hospital, start getting prescriptions filled by a pharmacy, or change health insurance coverage, you will likely get several forms to read and sign. One of those forms – called the Notice of Privacy Practices – explains your rights regarding your health information and tells you how your health information can be used or shared. Most doctors must give you the Notice at your first appointment, and most health plans must give you the Notice when you enroll. A copy of the Notice may also be posted in a clear, easy to find location in a doctor’s office, pharmacy or hospital, be mailed to you by your health insurance company, or be posted on a doctor’s or health insurance company’s website. If you can’t find it, ask for it. Your health provider or health insurance company must give it to anyone who asks.
The law requires your doctor, hospital, or other health care provider to ask for written proof that you received the Notice of Privacy Practices, or what they might call an “acknowledgement of receipt.” The law does not require you to sign the acknowledgement form.
The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities and their business associates to use to assure the confidentiality, integrity, and availability of electronic protected health information.
If you believe that a covered entity violated your (or someone else’s) health information privacy rights or committed another violation of the HIPAA Privacy Rule, you may file a HIPAA Privacy Rule Complaint with OCR.
COMPLAINT REQUIREMENTS – Your complaint must:
- Be filed in writing, either on paper or electronically, by mail, fax, or e-mail;
- Name the covered entity or business associate involved and describe the acts or omissions you believe violated the requirements of the Privacy, Security, or Breach Notification Rules; and
- Be filed within 180 days of when you knew that the act or omission complained of occurred. OCR may extend the 180-day period if you can show “good cause.”