Monday, April 30, 2007

Patients' Clinical Data Management and HIPAA

Clinical data management (CDM) systems and increasing automation of the electronic medical record ("EMR") present significant patient privacy and confidentiality issues.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) sets standards for protecting the privacy of persons' health records. These rules apply to “covered entities” as defined by HIPAA and the Department of Health and Human Services (HHS). Covered entities include health plans, health care clearinghouses, such as billing services and community health information systems, and health care providers that transmit health care data in a way that is regulated by HIPAA.

PHI (Protected Health Information) is any information about health status, provision of health care, or payment for health care that can be linked to an individual. This is interpreted rather broadly and includes any part of a patient’s medical record or payment history.

Per the requirements of HIPAA Title II (named: Preventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform), the HHS has promulgated five rules regarding Administrative Simplification: the Privacy Rule, the Transactions and Code Sets Rule, the Security Rule, the Unique Identifiers Rule, and the Enforcement Rule.
