HIPAA is a federal law designed to protect patient privacy. HIPAA tells healthcare providers, and the people they work with, what they must do to protect your privacy. This page discusses the the basics of your privacy rights under HIPAA. And it also discusses some of the things Floriamed does to protect your privacy.
The spirit of HIPAA is for your medical matters to be kept strictly private. HIPAA considers any data at all about a patient to be what they call Protected Health Information (PHI). And HIPAA protects the privacy of PHI. Of course, PHI includes private matters that patients discuss with their healthcare providers. But it also includes things like your name, your email address, and even the state you live in. So in terms of patient privacy, your rights under HIPAA look very good.
Internet and Patient Privacy
One of HIPAA’s functions is to provide rules on using computers and the internet with PHI. These days, most doctors use electronic health records. And electronic prescribing is now more the rule than the exception. In short, the entire county’s PHI is either held on servers or moving through computer networks. So having rules makes scene.
We feel that HIPAA does a good job protecting everyone’s PHI when it comes to computer networks and servers. That is, their rules are good ones. HIPAA requires the use of encryption to make PHI unreadable. And the only time encryption is not used is when authorized people like you doctor work with your PHI. Thus, as long as the HIPAA rules are followed, everyone’s PHI is safe.
Floriamed takes the HIPAA rules and your privacy very seriously. We do everything we can to protect your information and your privacy.
Realities of Patient Privacy
Outside the realm of computer networks and servers the notion of perfectly private PHI is a little cloudier. In real word use, HIPAA is not as perfect as patients or healthcare providers might like. To begin with, patient privacy as outlined by HIPAA is not perfect privacy. Also, the HIPAA rules are very complex, carrying penalties for violations that can be severe. And as the cost of healthcare continues to rise, providers resort to paying HIPAA compliance service fees to protect themselves from such penalties.
Of course, ideally, it would be best if discussions between patients and their healthcare providers never left the room. But unfortunately, that’s not possible because it takes many people to run our medical system. So to keep our health care system running, HIPAA has made some needed concessions.
HIPAA says that there are three main reasons for using or disclosing your Protected Health Information (PHI). They are to:
- Give you medical treatment
- Run the healthcare operation
- Process payments
So other people besides your healthcare provider can see your PHI. This could include other providers, perhaps asked to consult on your case. It also includes people that work with billing and insurance who must know your name, address, and perhaps the type of service you received. Other people that help deliver your healthcare might also see your PHI, such as a technician that takes your blood pressure. But the HIPAA law applies to anyone that’s allowed to see your PHI. So by law, everyone involved in your healthcare must keep your information private.
Additional Reasons for Disclosing PHI
There are also a number of special cases where HIPAA allows disclosure of your Protected Health Information. For instance, HIPAA permits disclosure of your PHI in response to a court order. And HIPAA also permits disclosure to public health and safety officials, such as in a drug recall.
HIPAA permits disclosure of your PHI in many other cases as well. Some people will think the reasons make sense. While others may not agree with some of the reasons. So please see the “Notice of Privacy Practices” for a more complete list of the many reasons HIPAA allows disclosure of your PHI.
HIPPA and Patient Privacy at Floriamed
For instance, there is no need to speak to anyone but your healthcare provider when you have a Floriamed visit. At Floriamed, everything is just between you and your provider. The information you submit before your visit, goes directly to your provider. And your provider keeps that information, and all of your PHI, in just one place, which is your medical chart. And normally, you and your provider are the only people that ever see your medical chart.
This is not how it’s normally done in the healthcare industry. Normally, there is a lot of support staff that has access to PHI. And there are also may other ways your PHI can be accessed. At Floriamed, we work hard to eliminate this sort of thing. So instead, we focus on the HIPAA recommendation to avoid disclosure and use of PHI as much possible. That’s because our goal is complete privacy and strictly confidential visits.
Notice of Privacy Practices
HIPAA allows the use and disclosure of your PHI for many reasons. We at Floriamed do not agree that these reasons are always good ones. So we simply do not engage disclosing or using PHI in many ways permitted by HIPPA. Please see our “Notice of Privacy Practices” for a more detail on this.
The “Notice of Privacy Practices” is our most complete discussion on your patient privacy. HIPAA law requires that we provide you with this notice. We feel that this notice is a good resource to help people become well informed about their privacy rights. For this reason we highly recommend that patients or their guardians review the terms of the “Notice of Privacy Practices” before having an online care visit.