Privacy -- HIPAA Compliance
|
|
This section contains information about HIPAA privacy requirements.
|
| General Information
|
| The
privacy regulations require health care organizations and their
business associates develop and follow procedures that ensure the
confidentiality and security of protected health information (PHI) when
it is transferred, received, handled, or shared. This applies to all
forms of PHI, including paper, oral, electronic, etc. Furthermore,
only the minimum health information necessary to conduct business is to
be used or shared. All covered entities are required to: |
- Ensure the internal protection of individual health information and implement physical and administrative safeguards;
- Implement procedures that limit the use and disclosure of PHI to meet the "minimum necessary" standard;
- Develop mechanisms for the accounting and auditing of all disclosures made for
purposes other than treatment, payment, or operations;
- Establish policies and procedures to allow individuals to amend their health information;
- Establish contracts and agreements with business associates that ensure the protection of PHI, which is shared or traded;
- Designate a privacy officer;
- Enforce penalties for misuse or inappropriate use of PHI; and
- Create and make available documentation regarding the compliance with all the requirements of the regulation.
|
| Forms |
| All Programs |
Notice of Privacy
| Individuals
have the right to know how their protected health information may be
used and disclosed, and what their privacy rights are. The Notice of
Privacy Practices (NPP) provides individuals with this information. |
|
Family PACT (Family Planning, Access, Care, and Treatment) Program
|
|
 |
|
PDF documents require Adobe Reader. Click on the button to download the latest version. |
This document was updated last at Thursday, June 05, 2008