<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=293162&amp;fmt=gif">
Contact Us
Contact Us

HIPAA, Privacy, and You - Understanding The Protection of Patient Data

Tim Mullahy | Dec 4, 2018

Whether you’re a healthcare provider or simply work with them, you have an obligation to protect the information of your patients - and their privacy. Here’s what that involves. a pile of folder including privacy folderHealthcare organizations routinely work with some of the most sensitive data you’ll ever see - information that includes names, addresses, social security numbers, and intricate details about personal health. The sort of stuff that could fetch a tidy profit on the black market.

Not surprisingly, there are some pretty strict regulations around the storage, usage, and protection of this data. In the United States, they fall under something known as the Healthcare Insurance Portability and Accountability Act. It’s a pretty comprehensive set of rules and regulations - far too much for us to cover everything today.

Instead, we’re going to focus on one specific subset of HIPAA - privacy.

In essence, the purpose of HIPAA’s patient privacy rule is to ensure that a patient’s information is freely accessible in all situations where it’s essential to their care, but is otherwise protected. It’s about striking a balance, one which promotes access to information while still protecting the privacy and dignity of the person to whom that information belongs. It’s designed to be both flexible and comprehensive - but with that in mind, you should still familiarize yourself with the basic beats of it.

Information it protects includes…

  • Any data related to an individual’s physical or mental health, whether past present or future.
  • Any data on care provided to an individual.
  • Payment details on said care.
  • Any demographic data, including name, address, age, and gender - in essence, any information which could reasonably be used to identify the individual. This includes date of birth and social insurance number.

Excluded information includes…

  • Employment records maintained by a covered entity.
  • De-identified health information. This is healthcare data which still includes details on treatment and health, but has had all other identifying information removed. It cannot be used to identify an individual.

Confidential Concept. Colored Document Folders Sorted for Catalog. Closeup View. Selective Focus.Note that in the case of protected information, there is a very specific set of circumstances in which it can be used without requiring the authorization or consent of its owner. While you’re still permitted (and in some cases, encouraged) to notify the individual, you are not required to do so under HIPAA. Note that in some of these situations, a user may choose to restrict the use of their data, and you are required to comply.

  • As part of treatment, care, or payment.
  • As part of efforts to improve quality of care for future patients, and also for medical reviews, audits, legal services, and insurance.
  • For the purposes of public interest or benefit activities.
  • When the data has been de-identified and is to be used in research, or public healthcare operations.
  • As part of a healthcare directory or for notification purposes.
  • For law enforcement or judicial purposes.

HIPAA can be confusing and overwhelming at first - but it’s actually a lot simpler than you’d think. In essence, the main thing you need to remember is that you have a duty of care to protect your patient’s data and their privacy. Understand that, and everything else should fall into place.

Related Post

Chad Hurka | Mar 13, 2020
COVID-19 Patient Documentation to Improve Outcomes and Protect EMS Crews
With COVID-19 cases on the rise, first responders must address a new set of concerns relating to patient care and crew safety. The CDC...
Read More >
Tim Nowak | Feb 13, 2020
Five EMS Technology Improvements that Will Shape the Next Ten Years
“The only constant is change,” paraphrasing the ancient Greek philosopher, Heraclitus. In the world of technological and engineering...
Read More >
Kelli Turner | Feb 11, 2020
Medicare Beneficiary Identifiers Accelerate Claim Payment
(4 min read) On January 1, 2020, the Centers for Medicare and Medicaid Services (CMS) made the formal shift to the use of Medicare...
Read More >