In 1996 HIPAA was enacted with the intention of empowering citizens to be in charge of their own medical information.
With the advent of the new act, citizens are supposed to be in charge of who has access to their private health information and in charge of directing what medical entities can do with their health data. While the most obvious affected by HIPAA included doctors and hospitals, there are actually a multitude of organizations that must adhere to all the provisions outlined in HIPAA.
Who is Affected by HIPAA?
Most people would not first think of schools or non-profit organizations as having anything to do with following HIPAA guidelines. However, these types of organizations often provide at least limited medical services at times, which means they are indeed required to follow HIPAA. Other organizations affected by HIPAA include pharmacies, health insurance providers, nursing homes, mental health specialists, dentists, orthodontists, clinics, and even some government agencies.
While most organizations initially train their employees in proper HIPAA compliance, challenges remain. Without regular reminders and retraining in HIPAA compliance issues, it’s not uncommon for busy staff members to overlook some of the more subtle issues that may arise with regard to patient privacy. One such example involves the use of smartphones in a medical setting.
With these devices, a patient or a member of the visiting public could easily record a video or take a snapshot of someone receiving treatment, then post the information online. While not directly responsible for the actions of the general public or a patient, medical organizations should still guard against anyone attempting to take such action by posting a sign prohibiting both visitors and patients from taking photos or recording videos of another patient, without that patient’s express permission. By doing so, organizations can balance a patient’s need for privacy while still allowing family members to record joyous occasions such as the birth of a child.
If you would like to know more about how to remain HIPAA compliant as Information Technology continues to evolve, please contact us.