<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=293162&amp;fmt=gif">
Contact Us
Contact Us

HIPAA, Privacy, and You - Understanding The Protection of Patient Data

Tim Mullahy | Dec 4, 2018

Whether you’re a healthcare provider or simply work with them, you have an obligation to protect the information of your patients - and their privacy. Here’s what that involves. a pile of folder including privacy folderHealthcare organizations routinely work with some of the most sensitive data you’ll ever see - information that includes names, addresses, social security numbers, and intricate details about personal health. The sort of stuff that could fetch a tidy profit on the black market.

Not surprisingly, there are some pretty strict regulations around the storage, usage, and protection of this data. In the United States, they fall under something known as the Healthcare Insurance Portability and Accountability Act. It’s a pretty comprehensive set of rules and regulations - far too much for us to cover everything today.

Instead, we’re going to focus on one specific subset of HIPAA - privacy.

In essence, the purpose of HIPAA’s patient privacy rule is to ensure that a patient’s information is freely accessible in all situations where it’s essential to their care, but is otherwise protected. It’s about striking a balance, one which promotes access to information while still protecting the privacy and dignity of the person to whom that information belongs. It’s designed to be both flexible and comprehensive - but with that in mind, you should still familiarize yourself with the basic beats of it.

Information it protects includes…

  • Any data related to an individual’s physical or mental health, whether past present or future.
  • Any data on care provided to an individual.
  • Payment details on said care.
  • Any demographic data, including name, address, age, and gender - in essence, any information which could reasonably be used to identify the individual. This includes date of birth and social insurance number.

Excluded information includes…

  • Employment records maintained by a covered entity.
  • De-identified health information. This is healthcare data which still includes details on treatment and health, but has had all other identifying information removed. It cannot be used to identify an individual.

Confidential Concept. Colored Document Folders Sorted for Catalog. Closeup View. Selective Focus.Note that in the case of protected information, there is a very specific set of circumstances in which it can be used without requiring the authorization or consent of its owner. While you’re still permitted (and in some cases, encouraged) to notify the individual, you are not required to do so under HIPAA. Note that in some of these situations, a user may choose to restrict the use of their data, and you are required to comply.

  • As part of treatment, care, or payment.
  • As part of efforts to improve quality of care for future patients, and also for medical reviews, audits, legal services, and insurance.
  • For the purposes of public interest or benefit activities.
  • When the data has been de-identified and is to be used in research, or public healthcare operations.
  • As part of a healthcare directory or for notification purposes.
  • For law enforcement or judicial purposes.

HIPAA can be confusing and overwhelming at first - but it’s actually a lot simpler than you’d think. In essence, the main thing you need to remember is that you have a duty of care to protect your patient’s data and their privacy. Understand that, and everything else should fall into place.

Related Post

COVID-19 Workforce Impacts and Data Collection: A Study in Collaboration
(8 min read) In early 2020, the concept of the novel coronavirus was nothing more than a whisper in New Jersey EMS agencies. It was...
Read More >
Interoperability Has Come a Long Way, but There Is Much to Be Done
(8 min read) 2020 has been an interesting year, and at the time of this writing, it’s only September. I am sure the word of the year...
Read More >