Running Head: Health care Health Care Laws, Regulations and Standards Christina Brown Kaplan University IT128-01 Health Informatics I Professor Botts October 26, 2010 Health Care Laws, Regulations and Standards Its time for your annual check-up and the receptionist hands you a clip board with several sheets of paper requiring your personal information. The papers in it self seems harmless and the information appears generic, but thousand of patients withhold information that could be helpful to their treatment in fear of breach of confidentiality.
One of the main questions people hesitate to include within a Legal Health Record (LHR) is their social security number, which is considered a patient-identifier. Many Americans strive hard to keep their social security numbers from being made public or used for purposes other then intended. Various patients worry about volunteering too much information about health issues and concerns for fear that this information will be used to predetermine health insurance coverage, an employer hiring or firing them based on an illness or genetic condition or any number reasons stemming from fear of breach of confidentiality.
Patients need to be reassured that health information shared with a medical professional will remain confidential. The U. S. Department of Health and Human Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) (U. S. Department of Health & Human Services, 2009) . HIPAA set federal regulations and standards to protect patient information from being disclosed for purposes other then to treat and care for the patient.
Although HIPAA is a comprehensive federal regulation used to protect private health information each organization must be knowledgeable of their local state laws to ensure any regulations not covered under HIPAA are covered within their respectful state laws. Each state has Licensure, Certification and Accreditation procedures that outline protection for LHR. Licensure is the process that a facility must under to obtain legal approval to operate a business.
This process enforces state laws and regulation governing the physical conditions of the facility, fire safety, space allocations and sanitation. Many states include under their licensing laws professional standards and quality of care, content, retention, and authentication of patient medical records (Wager, Lee, and Glaser, 2009). Certification allows a health care organization to participate in the federal Medicare and Medicaid program for reimbursement. Once an organization has met federal certification standards accreditation can be met through the Joint Commission.
The Joint Commission is an organization that governs standards on patient safety, quality of patient care, treatment and services. Legal Health Record (LHR) is documentation of a patients’ information and services rendered by a healthcare professional or organization. The LHR is considered the official document of a patient and only a single copy should exist. LHR also includes “patient- identifiable source data, such as photographs, diagnostic images, tracings, and monitoring strips” (Wager, Lee, and Glaser, 2009).
HIPAA Privacy Rule ensure that health care organization receive patient consent before releasing information regarding treatment, payment and health care operations. A patient must give a second consent to disclosure non-routine or non-health related purpose. (U. S. Department of Health & Human Services, 2009). Privacy Rule states that patient medical records for minor children should be kept until the minor child reaches legal age and medical records for adults are to keep for ten years after the last visit to the medical professional or organization.
Organizations have an obligation to the patient to discard medical records according to state and federal laws. When medical records are to be destroyed stringent guidelines are to be followed and documentation of the material destroyed is logged with signature of witness and kept within the facility. Documentation can be destroyed by shredding, preferable using an accredited company or burning. Electronic records are safeguarded using from using people that are knowledgeable with the information technology field.
IT professional have a duty to monitor and backup information that are deemed confidential to private health care information. Patients are entitled to believe that their medical records will never be disclosed to third parties or released to any entity or individual without written consent authorizing that medical professional or organization to do so. HIPAA and each state have outlined laws, regulations and standards to enforce the protections of patients who seek the services of medical professionals.
HIPAA has been amended several times through Congress and is expected to be amended again in the near future to narrow so of the boarder scopes pertaining to patient privacy and confidentiality.
Reference: U. S. Department of Health & Human Services. (2009). Retrieved October 21, 2010 from Summary of the HIPAA Privacy Rule: http://www. hhs. gov/? ocr/? privacy/? hipaa/? understanding/? summary/? index. html#endnotes. Wager, K. A. , Lee, F. W. , & Glaser, J. P. (2009). Health Care Information systems A Practical Approach For Health Care Management. San Francisco, CA: Jossey-Bass.