What is HIPAA and the history behind the law?
Before my project began, I had to learn about a law enforced
throughout the medical field (via the U.S. Department of Health and Human
Services) and be certified to show that I understand and would follow the law.
HIPAA is a law that was put into place in 1996 to protect patients and their
information. HIPAA stands for the Health Insurance Portability and
Accountability Act; although the name of the law specifically addresses health
insurance providers, the law holds everyone in healthcare accountable for
protecting the privacy of the patient.
How was patient privacy dealt with before HIPAA?
Before 1996, privacy laws were loose and largely based on the vague, unwritten
medical and business ethics of healthcare workers and third-party
administrators. In the third century BC, the Hippocratic Oath was initially
developed, mainly stating that the first goal of any medical practice is to do
no harm to the patient. In 1948, the Declaration of Geneva became a standard
among most countries after WWII in response to the inhumane testing done on
humans by Nazi Germany. The main basis of the Declaration was the Hippocratic
Oath, but the agreement also expanded on ethics regarding privacy, suggesting
that doctors should not use patients’ information for publicity or
personal gain. The Declaration states, “I will respect the privacy of my
patients, for their problems are not disclosed to me that the world may know.
Most especially must I tread with care in matters of life and death. Above all,
I must not play at God.”
Until 1996, patient privacy in our healthcare system was largely self-regulated,
with the exception of healthcare within the U.S. Armed Forces. Many hospitals
and practices had rules centered on ethics that they set and followed, but
there was no law that could hold the United States’ healthcare system, as a
whole, accountable. In 1996, HIPAA finally set privacy rules and guidelines for
the entire United States healthcare system, which largely resembled the
Department of Defense’s Privacy Act of 1974.
What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 is the
privacy law that everyone who comes into contact with a patient’s personally
identifiable information must follow. People and entities like doctors, health
insurance providers, and people like me, who sometimes shadow the doctor in the
patient’s appointment, are held accountable to follow the HIPAA law. We must
keep all Private Personal Information secure between the patient and healthcare
team. Information we must keep secure includes the patient’s name, address, and
social security number. Later in my blog posts, when I write about their story,
treatments, and experiences, I must make sure that no one can figure out who I
am talking about by the information I present so that I follow HIPAA.
The HIPAA law does not just outline what I can and cannot disclose
about the patient. The law also sets guidelines about how Protected Health
Information is handled and kept in the system.
HIPAA policies must be upheld by anyone or any entity that maintains,
uses, or transfers patient information. HIPAA ensures that patients are told
every time their information is requested and requires they give permission
every time information is shared. HIPAA also allows patients access to their
own health information, and prohibits anyone or any entity from misusing the
information or using it against them. Although I am required to know all parts
of the law, the main piece that pertains to me and this project is what
information is shared and how I present their cases so that the patients’
identity and privacy are preserved.