Our personal information must be protected all time, but sometimes we need to share it in order to receive medical or health services. This is when we start wondering, how are the institutions guaranteeing my information’s security?
This set of laws in healthcare are called HIPAA, this stands for Health Insurance Portability and Accountability Act. It was originally created to protect people from losing their health insurance if they change their jobs or have preexisting medical and health conditions. HIPAA has been developing over the years and it started striving on reducing the cost and administrative burdens or healthcare transaction and, its most remarkable function, to preserve the privacy and security of patients personal and health information.
Based on the HIPAA statutes some of the rules for protecting information are:
The covered entities, being a healthcare organization or a medical staff, will need to adopt processes and procedures that ensure the highest degree of information confidentiality.
Covered entities must implement safeguards along the information management process when it is created, stored, transmitted and received in order to ensure the patient’s personal health information.
Health institution can only use or disclose protected information only when the patient authorizes it in writing and in certain circumstances.
In some specific cases the information can be disclosed or used without the patient’s authorization, some of them can be:
- When someone requests the information and he or she has been authorized previously by the patient
- Treatment, payment or any other general health care operations.
- For usage at generic procedures like treatments, payments or any other general health care operations
- Discuss information with other people or in its presence if the patient voluntarily agree
- When a patient enters at the healthcare facilities for the first time, all the practices or procedures that might apply to him or her will be shown as soon as possible, ensuring and meeting all the confidentiality requirements.
These security measures aim to prevent identity theft and avoid data breaches, and in every covered institution you will always find a HIPAA security and HIPAA privacy officer, this appointed can be the same person or one for each position. These functionaries play different roles in the implementation and training procedures about HIPAA requirements and rules.
About Esvyda Inc.
Security and privacy of patients’ data is a big concern for Esvyda telehealth and patient generated data solution, which has released a product that integrates medical and non-medical data to be shared by healthcare providers, institutions, pharma, payers and non-medical people involved in the care of patients. The solution helps to see, treat and follow-up patients in a holistic way, saving costs to the health care system.
We are HIPPA compliant, an international health security and privacy law. We address security challenges with the implementation of all the required safeguards. Our solution, technical and customer support is provided in English and Spanish.