


“To resolve this matter, OCR also required the practice to revise the office's fax cover page to underscore a confidential communication for the intended recipient.” “The employee responsible for the disclosure received a written disciplinary warning, and both the employee and the physician apologized to the patient,” the website states. The HHS website describes a case in which a patient's HIV status was disclosed after an employee at a doctor's office mistakenly faxed medical records to the patient's workplace instead of to the patient's new health care provider. The OCR typically tries to resolve cases by obtaining voluntary compliance, through a corrective action, or with a resolution agreement. Last year, the OCR launched its HIPAA Right of Access Initiative promising to “vigorously enforce the rights of patients to get access to their medical records promptly without being overcharged, and in the readily producible format of their choice.”

Feds seek voluntary compliance

Physicians and private practices are alleged to be the second-most common violator of HIPAA privacy regulations, coming in behind hospitals and ahead of outpatient facilities, pharmacies and health plans, the OCR says. Use or disclosure of more than the minimum necessary protected health information.


The AMA notes that HIPAA regulations are mainly “permissive” in that they allow, but don’t require, the sharing of health information. The AMA describes HIPAA as establishing “guardrails for the sharing and use of patient health information” between health care providers. “However, respecting patient privacy in other forms is also fundamental, as an expression of respect for patient autonomy and a prerequisite for trust.” “Protecting information gathered in association with the care of the patient is a core value in health care,” states opinion 3.1.1 of the Code.
