What Are Hospital HIPAA Policies?
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 requires health care facilities, including hospitals, to minimize the transfer of unnecessary patient information whenever possible. Points of transfer that come under scrutiny due to the Act are those in both verbal and written form.-
Verbal
-
In order to comply with HIPAA regulations, hospitals often have policies regarding who can discuss patient information and where. Typically, those whose jobs do not involve direct patient care (such as the maintenance or janitorial staff) do not have access to privileged information. Such information is also not allowed to be discussed in public or semi-public areas, like the hospital cafeteria or elevators.
Written
-
Written forms of information transfer can include minimizing who has access to patient records. Typically, hospitals have policies that dictate only the patient or next of kin may view such records.
Technology
-
Because the health care industry often uses technological devices like computers, hospital security policies had to be put in place that protect patient privacy while operating these machines as well. All HIPAA-compliant hospitals are required to limit access (through usernames and passwords) to patient information; this prevents unauthorized users from breaching client privacy.
-