HIPAA Basics: Medical Privacy in the Electronic Age


Fact Sheet 8aHIPAA Basics:
Medical Privacy in the Electronic Age

Today you have more reason than ever to care about the privacy of your medical information. Intimate details you revealed in confidence to your doctor were once stored in locked file cabinets and on dusty shelves in the medical records department.

Now, sensitive information about your physical and mental health will almost certainly end up in data files. Your records may be seen by hundreds of strangers who work in health care, the insurance industry, and a host of businesses associated with medical organizations. What's worse, your private medical information is now a valuable commodity for marketers who want to sell you something.

Medical Privacy FAQ


Fact Sheet 8bMedical Privacy FAQ

Sample Letter to Request Medical Records


Sample letter: request medical records as allowed by HIPAA.

 

 

 

 

[Your name]
[Your address]
[Date]

PRC Launches California Medical Privacy Microsite


What are your rights to medical privacy? As it turns out, that is not a simple question to answer. Chances are, you've heard of HIPAA, the Health Insurance Portability and Accountability Act. It is a federal law that sets a national baseline standard for the privacy of individually identifiable health information.

But HIPAA only applies to health care providers that conduct certain transactions electronically, health plans, and health care clearinghouses. A great deal of personal medical information exists that is not maintained by HIPAA “covered entities.” An example would be personal medical information provided voluntarily when one participates in an online chat forum for individuals with a specific ailment.

Fortunately for individuals who live in California, state law provides additional medical privacy protections. The PRC has launched a microsite dedicated solely to medical privacy in California.

Comments to California Dept. of Public Health: Medical Information Breach Regulations


Consumers enter a hospital or another care facility in California should not have to worry that their health and financial data might end up on a social networking website, in the tabloids, in a dumpster, or in the hands of an identity thief. Yet, instances of the breach of healthcare data in California continue at an alarming pace.

Caremark Reportedly Shares Confidential Prescription Information to Steer Business to CVS Pharmacies


Privacy Rights Clearinghouse (PRC) has persistently challenged the health care industry’s improper use and disclosure of confidential medical information, which in many instances is used to market new or additional medication to patients. PRC has become aware that Caremark, a CVS owned company and one of the country’s largest pharmacy benefit managers (PBMs), is improperly sharing prescription information with CVS to steer pharmacy patients to CVS pharmacies.

Comments to Health and Human Services: Privacy and Security Rule Modification


The Heath Information Technology for Economic and Clinical Health (HITECH) Act of 2009 calls for certain changes to previously issued HHS rules regarding privacy of individuals’ medical records (the Privacy Rule), security of electronic health records (Security Rule), and enforcement of the security and privacy provisions (Enforcement Rule). The current rule proposal encompasses the HITECH modifications for all three HIPAA rules.

Disclosure Accounting: Comments Submitted to the U.S. Department of Health and Human Services, Office for Civil Rights


 In adopting the final HIPAA Privacy Rule (Privacy Rule) in 2003, OCR included a section outlining a patient’s right to receive an accounting of protected health information (PHI) disclosures. As adopted, however, the Privacy Rule includes many exceptions to the kinds of data that must be included in an accounting, one of which is that an accounting need not tell patients about disclosures made for treatment, payment, and healthcare operations.

Comments to Department of Health and Human Services re Breach Notification for Unsecured Protected Health Information


The Privacy Rights Clearinghouse (PRC) appreciates this opportunity to comment on the Department of Health and Human Services’ (HHS or Department) interim final rules regarding breach notification to individuals in the event of unauthorized use and access of protected health information. The rules, issued in coordination with the Federal Trade Commission (FTC), are mandated by Section 13402 of the Health Information Technology for Clinical Health (HITECH) A

Showing 1-10 of 30 results
Syndicate content


X

Sign In!

Loading