Monthly HIPAA tip – Do you know the rights and responsibilities of our patients?
May 07, 2024 08:41 AM - This month’s article focuses on patient rights and responsibilities. As key members of their health care team, it’s important that our patients understand they have the right to make decisions regarding their care, environment, and privacy.
The Notice of Privacy Practices (NPP) is available to all patients to explain their rights under HIPAA and to describe how their health information may be used or disclosed. The NPP is required to be available for distribution at all points registration and posted at each SSM Health ministry in a clear and prominent location, i.e., main point of registration waiting area. See Notice of Privacy Practices Policy.
Download the HIPAA Patient Rights and Responsibilities Tip Sheet
Specific to privacy and confidentiality, patients have the right to
REMEMBER:
The Corporate responsibility process tells us who to ASK. If you have a question or concern about any process or activity being ethical, legal or in regulatory compliance or become aware of a situation that may have resulted in the breach of personal health information, ask any of the following.
The Notice of Privacy Practices (NPP) is available to all patients to explain their rights under HIPAA and to describe how their health information may be used or disclosed. The NPP is required to be available for distribution at all points registration and posted at each SSM Health ministry in a clear and prominent location, i.e., main point of registration waiting area. See Notice of Privacy Practices Policy.
Download the HIPAA Patient Rights and Responsibilities Tip Sheet
Specific to privacy and confidentiality, patients have the right to
| What HIPAA says… | What it means… |
Have privacy and confidentiality when receiving care. |
Every effort should be made to protect the patient’s privacy when providing care. Closing doors, drawing curtains, and speaking quietly can help us maintain patient privacy. View Privacy Safeguards Policy |
Access to their health information that is maintained in their designated record set. |
When a patient or their personal representative requests a copy of their medical record we must provide the requested information within 30 days. Note, there are VERY few exceptions to this. View Access to PHI |
Patients may request amendments to their records. |
If a patient believes something is documented inaccurately in their medical record, the patient can request an amendment which prompts a review process by the patient’s provider. This must be completed within 60 days, in most instances. View Right to Request Amendment Policy |
Have their records kept confidential; they will only be shared with the patient’s caregivers and those who can legally see them. A patient may request information on who has received their record. |
We can only access PHI for legitimate business purposes (treatment, payment, healthcare operations). Patients can request an Accounting of Disclosures (AoD) which shows where a patient’s information was sent or provided. Certain disclosures, such as disclosures for TPO or per patient request, are not included in the patient’s AoD. See Right to an Accounting of Disclosures Policy |
Restrict certain disclosures of their personal health information to a health plan if the patient has paid out of pocket for a health care item or service. |
In some cases, if a patient pays for a service out of pocket, they can request that information about that service not be shared with their insurance provider. See Right to Request Restrictions Policy |
REMEMBER:
The Corporate responsibility process tells us who to ASK. If you have a question or concern about any process or activity being ethical, legal or in regulatory compliance or become aware of a situation that may have resulted in the breach of personal health information, ask any of the following.
- Your supervisor.
- A senior manager.
- Your HIPAA Leaders
- Scott Didion, Sr. Director, Privacy/Data Risk Management 314-989-2758.
- Teresa Arrowood, Privacy Director 573-681-3723.
- Mindy Phillips, System Vice President, Corporate Responsibility 314- 989-2647.
