Most people today do not fully understand their right to privacy or what is involved in giving them that right. The Health Insurance Portability and Accountability Act, better known as HIPAA, has put into effect rules that must be followed by covered entities such as health care facilities, doctors, and health plans. These covered entities are to use the rules to make sure that personal information is not shared with someone or something that should not have it.
As of April 14, 2003, all covered entities must comply with the new rules made by HIPAA. The things that need to be addressed, as stated by Phoenix Health Systems, are as follows: building initial organizational awareness of HIPAA; comprehensive assessment of the organization’s privacy practices, information security systems and procedures, and use of electronic transactions; developing an action plan for compliance with each rule; developing a technical and management infrastructure to implement the plans; implementing a comprehensive implementation action plan, including: developing new policies, processes and procedures to ensure privacy, security and patients’ rights; building business associate agreements with business partners to support HIPAA objectives; developing a secure technical and physical information infrastructure; updating information systems to safeguard protected health information and enable use of standard claims and related transactions; training of all workforce members; enforcement infrastructure, including providing a Privacy Officer and a Security Officer (HIPAA Primer). These guidelines help ensure that medical record information is kept private and secure from anyone who should not have it.