They may have heard of HIPAA, and they may also be aware of some of their rights under HIPAA, but many patients will know: why is HIPAA important to patients? What exactly are their rights, and what does it protect them from?
The Health Insurance Portability and Accountability Act was established in 1996 to address various issues within the health sector. There are five titles of HIPAA:
- Title I: Health Care Access, Portability, and Renewability
- Title II: Preventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform
- Title III: Tax-related health provisions governing medical savings accounts
- Title IV: Application and enforcement of group health insurance requirements
- Title V: Revenue offset governing tax deductions for employers.
As we can see, most of these Titles relate to tax and health insurance reforms. These are, of course, important to patients – Title I, for example, protects employees’ health insurance coverage if they lose their job or move jobs. This helped to address the issue of “job lock”, where employees found it difficult to move jobs without risking losing their health coverage, too.
But here, we are concerned with why HIPAA is important to patients, not employees. When most patients think of HIPAA, they think of how it governs privacy law. This is governed by Title II of HIPAA, which essentially establishes what kinds of information is covered by HIPAA (termed Protected Health Information), how the information can be used and disclosed, and what minimum safeguards must be in place to protect the information.
Here, we consider four important ways in which HIPAA is important to patients. The first is that the HIPAA Privacy Rulesafeguards patient privacy but stipulates that any Protected Health Information (PHI) must only be used for healthcare-related transactions (including treatment or payment for treatment). Additionally, it must only be disclosed to those who need it for those who require the information for those kinds of transactions.
Sadly, even though it is illegal, patients whose diagnoses or treatment plans are leaked may face discrimination socially or in the workplace. Patients, therefore, have the right to keep this information private and only disclose it where necessary.
Secondly, all PHI must be protected by a minimum administrative, physical, and technical safeguards. These safeguards are established by the HIPAA Security Rule. Why is it important to protect these kinds of health information? The kinds of information protected by HIPAA include Social Security Numbers, license plates, credit card details etc..
These data can be used to create a false identity that then may be used to commit fraud. Indeed, a former healthcare worker was recently charged with stealing patient data to gain lines of credit from furniture realtors. This fraud may affect a person’s credit score or make it more difficult for them to take out insurance premiums in the future.
Under the Breach Notification Rule, patients must also be notified if any of their data is accessed by unauthorised individuals. Patients can therefore take action to protect themselves and their data (for example, by cancelling cards).
Finally, HIPAA gives patients the right to access their medical records. This gives them greater autonomy over their healthcare, allowing them to seek second opinions or move practice. Additionally, patients can amend any records they feel are inaccurate.
So, why is HIPAA important to patients? It grants them more rights over their healthcare while also protecting them from malicious actors. This is why violations of HIPAA are treated seriously and why all healthcare employees should ensure that they are correctly trained in HIPAA compliance.
Importance of HIPAA to Patients: FAQ
What are the dangers of insurance fraud to a patient?
Insurance fraud can have devastating impacts on patients. Fraudulent insurance claims can increase health insurance premiums for individuals, perhaps making insurance prohibitively expensive. If fraud is committed by a healthcare provider, it could cause the patient to undergo unnecessary and costly procedures. Preventing such fraud is a key reason why HIPAA is important for patients.
Are there other benefits to patients?
Yes – alongside implementing safeguards to their privacy, HIPAA has also introduced reforms to the health insurance industry. These reforms guarantee better access to health insurance for those with pre-existing conditions and makes it easier for employees to transfer benefits between employer-provided health plans.
How can patients access their PHI?
Under HIPAA, all patients must be able to access their PHI. Each CE must have clear procedures in place to facilitate these requests without undue delay. The patient must submit their request in writing, though web-based forms can also be made available. The CE is allowed to charge a “permissible” fee to cover the labor-based costs, postage etc. of facilitating the PHI access request, but the fee should not cover factors such as the verification of the individual requesting the access or cost of maintaining the PHI. These are HIPAA requirements and should not be paid for by the patient.
Can patients sue for HIPAA violations?
No, patients cannot sue Covered Entities or their employees for violating HIPAA. This is because there HIPAA has no “private cause of action”, so private citizens cannot bring a case against CEs if their PHI has been breached as a result of a HIPAA violation. However, they may be able to bring such cases under State law.
Does HIPAA offer any benefits to Covered Entities?
Yes – though HIPAA is focused on improving patient rights, there are some benefits to CEs. For example, HIPAA has encouraged the streamlining of administration processes, improving the efficiency of CEs. It has also encouraged the use of electronic medical records, which eases the transfer of data between employees and CEs.