Privacy regarding your medical records is very important. And the Health Insurance Portability and Accountability Act of 1996 (HIPAA) laws were enacted to help protect these records and patient information. However, there are some misconceptions when it comes to how HIPAA laws need to be implemented and what they actually entail. Four of the biggest myths revolving HIPAA include believing that it is highly enforced, not being able to place a chart on the outside of an examination room or using a sign in list in the waiting room, not being able to leave messages on a person’s answering machine, and not being able to give out general information to family and friends.
1. Some people think that there are organizations out there that are just looking for people who violate HIPAA laws. Actually, most issues revolving HIPAA violations are settled by just making changes, not necessarily levying fines or imposing jail time. Regardless of this fact, many doctors and medical facilities are very reluctant to release or take any information in fear of violating HIPAA laws.
2. Many people think that you must sign a HIPAA release and that nobody is allowed to have any information regarding a person’s medical condition or status. This is a fallacy. Physicians and medical facilities are permitted to give out general information to family and friends and are even allowed to go so far as to confirm a death. A person can verbally give permission for information to be released. However, many facilities and doctors insist on having a release in writing, although this is not dictated by the HIPAA laws. Healthcare providers just need to take reasonable care to protect the patient’s information.
3. Using sign in sheets in the waiting room and putting a person’s chart on the outside of their room is also not a violation of HIPAA. Refusing to engage in these practices is just an over reach of the HIPAA laws and shows the kind of paranoia that doctors and medical facilities have regarding the sensitivity of the HIPAA laws. In fact, HIPAA really only applies to health insurance companies Health Providers and third-party companies that compile Health Data. Sign in sheets must only contain minimal information. For instance, they should not include the reason the person is seeing the doctor. As far as a patient’s chart, they should be protected with reasonable measures. For instance, they are only accessible in secured areas where people are roaming around and have access to read the charts.
4. Leaving a message on someone’s answering machine is also okay. Many doctors require the patient to fill out a form to outline how they can be contacted and if a message can be left. This is not really necessary, because it is not mandated under HIPAA privacy rules. The rules do not prohibit this practice. The only thing that is required is that there are reasonable safeguards taken to protect the patient’s privacy. Furthermore, a message can be left with any family or friend who picks up the phone, albeit limited information. Usually healthcare providers will leave general messages, like just leaving their name and number and requesting a phone call back.
It is important to understand the HIPAA laws and apply them as necessary. These laws were enacted to protect the sensitive nature of patient’s medical records. There are myths about HIPAA that are important to dispel in order for the rules to be properly enacted. There are exceptions to the ability to release information, mainly surrounding HIV patients (these rules are more stringent). This is why it is important for both patients and doctors to understand what things can and cannot be released under the HIPAA regulations. With proper education about HIPAA laws, patients can enjoy the peace of mind that their sensitive, private information is not released irresponsibly.