Understanding HIPAA: Acceptable Uses Of Private Healthcare Information

understanding HIPAA: acceptable uses of private healthcare information

What is HIPAA Compliance? The Healthcare Insurance Portability and Accountability Act is designed to protect a patient’s privacy. It protects the patient’s name and address, social security number, insurance information, medications, and medical records. Employees and healthcare providers can access this information when they need to treat, receive payment, or manage healthcare operations.

When it comes to HIPAA at the workplace, it’s crucial for your practice’s employees to know how to properly handle this confidential information, otherwise you may find yourself neck deep in HIPAA malpractice suits.

A great rule of thumb is to give out the least amount of information about patients as possible when it is requested. Only release what is needed to get the patient treated, and when in doubt employees should ask their supervisor or compliance officer. HIPAA compliance rules refer to primarily electronic medical information. Employees should ask the question “do I need to see the medical information to perform my job?”  When the answer is yes, then it is acceptable. When the answer is no, refrain from using the information.

Acceptable Uses of Private Healthcare Information  


·       Sending information from one healthcare department to another to make sure a procedure is performed.

·       Two physicians sharing information so a patient can be treated. 

·       Referring a patient to a specialist.

·       Information can be discussed and coordinated at nursing stations

·       Discussing lab tests in joint treatment areas

·       Healthcare professional can discuss information during training or rounds in healthcare facilities

·       Pharmacists can discuss a prescription over the phone or in person with a doctor or patient

Payment and Healthcare Operations      

·       Determining eligibility of a patient under an insurance plan.

·        Billing and collection purposes and reviewing medical services and their necessity.

·       Conducting assessments for improvement of services in healthcare settings

·       Reviewing the qualifications of healthcare professionals

·       Conducting or arranging a medical review of physician or healthcare facilities.

HIPAA violations are much more common in the workplace than we like to think, and it’s likely that you’ll run into a compliance issue with one of your employees at some point. Don’t panic. Dealing with a HIPAA violation isn’t the end of the world, and if you know what to look out for, you’ll be able to minimize the number of violations that take place at your center. Familiarize yourself with common HIPAA violations and make sure to set a standard HIPAA training protocol in place for your staff.