.png)
HIPAA Privacy
OCR (Office for Civil Rights) Privacy Home page
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) enforces federal civil rights laws, conscience and religious freedom laws, the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules, and the Patient Safety Act and Rule, which together protect your fundamental rights of nondiscrimination, conscience, religious freedom, and health information privacy.
Authorizations & Consents
What is the difference between “consent” and “authorization” under the HIPAA Privacy Rule?
Answer: The Privacy Rule permits, but does not require, a covered entity voluntarily to obtain patient consent for uses and disclosures of protected health information for treatment, payment, and health care operations.
Disclosure to Family or Friends
Can a patient have a friend or family member pick up a prescription for her?
Does the HIPAA Privacy Rule permit hospitals and other health care facilities to inform visitors or callers about a patient’s location in the facility and general condition?
Disclosures for Law Enforcement Purposes
Does the HIPAA Privacy Rule require my doctor to send my medical records to the government?
Will this HIPAA Privacy Rule make it easier for police and law enforcement agencies to get my medical information?
Information Systems and Security
HIT Guide to Privacy and Security of Electronic Health Information
Everyone has a role to play in the privacy and security of electronic health information — it is truly a shared responsibility. The Office of the National Coordinator for Health Information Technology (ONC) provides resources...
ONC Guide for “Reassessing Your Security Practices in a Health IT Environment: A guide for Small Health Care Practices
This guide is intended to assist small health care practices in reassessing their existing health information security policies as they consider adopting and implementing emerging health information technology (health IT) capabilities such as electronic health records and electronic health information exchange.
Resources for Patients
Patient Resource – 1 page explanation of their ROI rights
You hold the key to your health information and can send or have it sent to anyone you want. Only send your health information to someone you trust.
Individuals’ Right under HIPAA to Access their Health Information
Providing individuals with easy access to their health information empowers them to be more in control of decisions regarding their health and well-being. For example, individuals with access to their health information are better able to monitor chronic conditions, adhere to treatment plans, find and fix errors in their health records, track progress...