top of page
Writer's pictureCherie Britton JD

Medical Privacy Laws

We have heard of consumer rights; and just as a consumer have rights, patients have rights whether they are simply visiting a doctor’s clinic for consultation or are to be confined for a day or so in a hospital.

The most basic right of a patient is the right to respect and care regardless of the patient’s race, gender, religion, nationality, country of birth or other similar factors. A patient of sound mind (or his attorney-in-fact, if any) have the right to know all options for medical treatment available to him and medical practitioners are required to explain the benefits and risks before administering tests, procedures or treatments. A patient’s (or his representative’s) consent is given by signing what is known as an “informed consent form.

A patient of sound mind may likewise refuse treatment or make decisions about ending his life, but these two rights, especially the latter, are highly debatable as some states allow it, others have a strong public policy against it. Individual state laws supersedes Federal laws. It is interesting to note that Oregon is the only state where assisted suicide is legal but a doctor is not obligated to prescribe drugs that would end life.

One of the most important right of a patient is the privacy of his medical records, especially in this age where most information are entered and available electronically.

The Health Insurance Portability and Accountability Act of 1996 was signed by President Clinton on August 21, 1996 and became effective on June 1, 1997. HIPAA of 1996 is significant because it is the first national law to protect the privacy of medical information.

The United States Department of Health and Human Services acknowledges that there are a number of entities who are responsible for a patient’s privacy, and these entities must observe mandated privacy rules when you are a patient. The largest group of entities that have a patients’ information and conduct business electronically and are bound by the privacy rule are healthcare providers (family doctors and their staff members, hospital staff members, all kinds of medical clinics, psychologists and psychiatrists, dentists, pharmacists, staff members at nursing homes and chiropractors). Another group of entities likewise bound by the privacy rule include health insurance companies, Medicare, Medicaid, state aid programs, HMOs and other healthcare plan providers.

Strictly speaking, any person who processes health information is required to observe privacy laws and to protect electronic health system information. The requirement is not as stringent as to life insurers, employers and workers compensation providers, schools, state agencies, law enforcement agencies and municipal offices. Employment records or educational records are covered by the Family Educational Rights and Privacy Act, and organizations not specially covered by HIPAA of 1996 may have their own internal rules to protect privacy of information.

Any information found on a patient’s medical record including conversations with a doctor or other medical staff members, information about your health care insurance and billing information are covered by HIPAA of 1996. A patient’s medical condition cannot be discussed in a voice mail message or email message. The law holds accountable individuals who breaching the privileged communication especially if the abuse of such privilege was used to perpetrate fraud.

You have the right to be informed and to control the use of your medical records. This means you have the right to see your medical records within thirty (30) days from the time request was made, request that corrections be made (also within the same period), and to receive notice if your information is about to be used for some purpose.

One of the law’s salient features is the informed consent to the release of any medical information and an explanation of the ways private health records are protected. Sharing of information is valid if it is used for purposes of delivering health services or coordinating treatment with other medical providers especially if the patient’s condition involves a public health protection issue. It can also be reported if the police requires it, for billing purposes, or where release of information is covered by other laws. Medical records can be shared with friends or family members only in cases where the patient gives his/her consent.

Banks, insurance companies, and other businesses have absolutely no right to a patient’s medical information and neither can such information be used to help market products.

People who obtain or disclose prohibited information are penalized under HIPAA of 1996. The fine goes up to $50,000 and a year in prison, and those penalties increase to $100,000 and five years in prison for anyone violating the laws under false pretenses. Those who break privacy rules with the intent to sell a patient’s records, harm the patient, or otherwise see a personal or commercial gain from their actions may be fined up to $250,000 and up to 10 years in prison.

Some hospitals conduct free seminars about patients’ rights and HIPAA of 1996. Check out the hospitals in your area to find a seminar that suits your schedule.

This blog is not legal advice, but shares information on the law. We are living in hard times; people lose their jobs and many are struggling to make ends meet. Legalbargain.net gives back to society by sharing it’s knowledge and producing advocacy videos to put justice within the reach of those who believe justice is only for those with money.

5 views0 comments

Recent Posts

See All

Commenti


bottom of page