Privacy Policy

HIPAA defines the circumstances under which a person may disclose or use PHI. Everyone has a right to privacy, but as we all know, there are some situations in which the rule might be applied. Those who are covered by this policy must adhere to a set of rules. The standards set by the privacy rule address subjects such as: Which organizations must follow the HIPAA standards What is protected health information (PHI) How organizations can share and use PHI Permitted usage and disclosure of PHI Patient’s rights over their health information In 2003, the HIPAA Privacy Rule was first put into place. That includes healthcare providers, as well as clearinghouses, and other health insurance entities. Healthcare-related business partners joined the list in 2013. For the most part, the rule on patient privacy restricts the extent to which medical records can be shared without explicit consent. Allows patients and their next of kin (representatives) to access their medical records under the HIPAA privacy rule These requests for access and disclosure must be responded to within 30 days of receipt by the Covered Entities. Healthcare entities covered by HIPAA include: Health plans Health care clearinghouses Health care providers The privacy rule restricts the usage of health information, which could identify a person (PHI). Covered entities cannot use or disclose PHI unless: It’s permitted under the privacy rule, or The individual has authorized it in writing. The privacy rule does not restrict de-identified health information.