Hospitals rely on systems and software to manage patients’ medical records. They hold a large amount of information and it’s their job to make sure all that data is only accessible to authorized people and exclusively for medical purposes. If you’re a health professional, it’s important to understand the rights and obligations established by HIPAA (Health Insurance Portability and Accountability Act) when the legislation was enacted in 1996. In this blog, you will learn what kind of violations HIPAA covers, the rights of patients, and what you’re allowed to do.

Examples of HIPAA Violations

Sometimes, a single professional can cause damage to the image of a health institution for violating HIPAA. In 2010, Huping Zhou, a former UCLA Healthcare System employee, was sentenced to prison for illegally reading medical records. After receiving a notice of intent to dismiss him from UCLA Healthcare, he accessed the medical records of his supervisor, colleagues, and celebrities more than 300 times. He is the first person in the United States convicted for violating HIPAA.

In another case, a mental health organization in Alaska was slapped with a $150,000 settlement by the U.S. Department of Health & Human Services (HHS) for not adequately protecting health information.

Patients’ Rights Under HIPAA

HIPAA gives patients more rights and control over their personal information and holds health providers accountable for violations. Here’s a brief overview:

• You have to keep patients’ health information private.
• Patients can request copies of their medical records.
• Patients can disagree with the information registered in their record.
• Doctors and health providers can’t share patient medical information without their authorization.
• Patients can request a report to see who had access to their medical information.

Health plans, health care clearinghouses, and most health care providers must follow the HIPAA regulations. You can check the complete list of entities on the U.S. Department of Health & Human Services website.

What You’re Allowed Under HIPAA

While the Privacy Rule is intended to protect personal health information, there are some occasions when disclosure is not only allowed, but also necessary for patient care. The regulation doesn’t cut off communications between doctors and parents, for example. Also, hospitals can provide the phone number, room number, and general condition if someone calls and asks for the patient—unless they’re told to not do so.

Let the attorneys at Doyle Schafer McMahon help you understand your rights and responsibilities under HIPAA! We are located in Irvine and we service the Southern California area. Contact us through our website or call 949-727-7077.