|Sponsored by the HealthcareTrainingInstitute.org providing Quality Education since 1979|
For example, there is continuing debate about HIPAA's approach to “secure” faxing. Appropriate HIPAA procedure dictates that the receiving fax machine be located in a secure (i.e., locked) room. The individual receiving the fax must sign into the room and log the time, date and fax data (who sent the fax, topic, etc.). Many question the necessity of taking such drastic measures to secure faxed data but the sensitive and confidential nature of clinical information—of paramount concern in behavioral healthcare—arguably warrants such an approach.
Moving more deeply into this new world, to meet HIPAA's security and privacy requirements, a secure system must have:
Healthcare providers will be permitted to maintain information regarding patient care—however, providers' ability to deliver individuals' medical information to outside parties is prohibited without full disclosure and prior patient approval.
The primary issue regarding HIPAA's privacy regulations is the patient's ability to control access to his or her medical information. Average consumers believe they have control over their medical information. Then they try accessing that information or, worse yet, transferring the information to another physician. They find that the effort required is monumental and generally produces limited success. HIPAA aims to simplify the process, placing control of the information directly in the hands of patients. Although this intuitively makes sense, the healthcare industry is not procedurally equipped on an organizational level to accommodate it. It will take a great deal of work and time to craft policies and procedures to make patient access workable.
Ethics - Privacy, Security and Behavioral Medicine
Patients must be mentally competent to control their medical information. In cases where patients are incompetent, family members or the courts, acting as guardians, will exercise control. Behavioral healthcare professionals must account for and develop procedures to accommodate and fully document these situations.
It should be noted that in states like California, where strict confidentiality laws have been enacted governing the sharing of this type of medical information, state law will prevail over the federally mandated HIPAA regulations.
Finally, one of the primary concerns regarding implementing a HIPAA solution is the cost of the effort. The cost includes organizational education, implementing and developing policies and procedures, developing new contracts with organizations such as clearinghouses to ensure that they are following HIPAA regulations, identifying and implementing the technology solutions necessary to meet HIPAA security requirements, and establishing a chief privacy officer position.
Behavioral medicine is notoriously under-reimbursed, and practitioners often lack the funds necessary to implement HIPAA solutions. Nevertheless, HIPAA compliance is mandatory. Therefore, other priorities, such as clinical equipment purchases and hiring additional staff, must become secondary considerations until other sources of funding are identified.
HIPAA's security and privacy standards are clear, and failure to comply will be punishable by imprisonment and fines of up to $250,000. Protecting patient information wilt be expensive and difficult—but can you afford not to.
Reflection Exercise #4
Ethics CEU QUESTION 11
Others who bought this Confidentiality Course
JD Supra (press release)
Recent Events Increase the Importance of HIPAA Risk Analyses and HIPAA Policies
JD Supra (press release)
For health care providers and health care companies, this increase in threats to patient data increases the importance of robust HIPAA compliance measures to help guard against such threats. Most importantly, health care providers and companies should ...
Practices Have Latitude in Addressing Security Risks
Healthcare IT News
OCR deputy: Have policies in place to avoid a HIPAA compliance review
Healthcare IT News
â€śWe come in and you're not under suspicion of anything wrong, just show us all your policies and procedures so we can give you a report card of where you are from a compliance standpoint,â€ť McGraw said at the Allscripts user conference in Chicago on ...
AdvantEdge Healthcare Solutions Recertified In HIPAA & HITECH Compliance For Fifth Consecutive Year
PR Newswire (press release)
WARREN, N.J., Aug. 22, 2017 /PRNewswire/ -- AdvantEdge Healthcare Solutions ("AdvantEdge") today announced successful third party recertification for HIPAA and HITECH privacy and security requirements by 360 Advanced, marking AdvantEdge's fifth ...
Free lectures cover HIPAA compliance, patient dismissal
CDA (California Dental Association)
As CDA's regulatory compliance practice analyst, Pichay advices dentists on occupational and environmental safety and health, waste management, licensure and other regulatory compliance issues. Pichay will address HIPAA compliance in her Thursday ...
Heightened Transparency in Breach Notification Tool Nudges HIPAA Compliance
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently announced its newly improved HIPAA Breach Reporting Tool (HBRT) to much fanfare. The new HBRT features enhanced search and navigation functions, but its ...
CEU Continuing Education for
Psychologist CEUs, Social Worker CEUs, Counselor CEUs, MFT CEUs