If someone could please check this over for me and let me know your thouhts / ideas on this paper thanks this is what I haave to do
The HIPAA Privacy Standards that went into effect in April
of 2003 greatly affect both the privacy rights of patients and
the duties of medical personnel.
Then, go hipaa' site and begin
your research at that site for answers to the questions below.
Be sure to carefully read the PDF file “Summary of HIPAA
Privacy Rule.” (Note that covered entity means those who are
subject to the HIPAA rules—like health plans, doctors, hospitals,
clinics, and nursing homes.) You’ll probably need to use
additional research material and Web sites to complete your
project. You must use appropriate citation throughout your
paper, and you must attach a reference page to your project.
1. Does HIPAA affect the patient’s access to his or her
medical records? If so, describe the effect and the
procedure for obtaining access.
2. Under what circumstances can personal health
information be used for purposes unrelated to
health care? (Hint: There should be at least 12
circumstances.)
3. Are there requirements for covered entities to have
written privacy policies? If so, what has to be addressed
in the policy?
4. How will employees in the medical office have to be
trained regarding privacy (for example, who is responsible
for training and record keeping)? What is required if
an employee doesn’t follow the privacy policy? When
must employees be trained? In what manner?
This what I have so far
HIPPA Privacy Standards
With HIPAA, the Congress included provisions that mandated implementation of several federal privacy protections for some individually identifiable health information (CDCP, 2003).
HIPPA's Effect on Patients' Access to Medical Records
HIPPA allows individuals the right to review and obtain a copy of their own protected health information from a covered entity's designated record set, a collection of records preserved by or for a covered entity in order to be utilized wholly or partly, when making decisions about individuals. Exceptions from what individuals can access are psychotherapy notes, information accumulated for legal proceedings, laboratory results prohibited by the Clinical Laboratory Improvement Act (CLIA) to access, or information held by certain research laboratories as well as when a health care professional deemed access to such information damaging to the individual or another (OCR, 2003).
Using and Disclosing of Information without Individual Authorization
Law enforcement officials can have this protected individual information from the covered entities even without the individual's permission if they would use it for law enforcement purposes when it is as required by law and administrative requests. Information could be released as well to funeral directors and medical examiners to aid identification of dead body, determine cause of its death and other functions as authorized by law. In relation to this, the information may also be used to facilitate the donation and transplant of organs, eyes, and tissue. The information could also be used without authorization for research as well as to prevent or lessen a serious and imminent threat to a person or the public. Nor is authorization necessary when it is for certain crucial government functions like the proper execution of military missions, carrying out of intelligence and national security activities, provision of impenetrable protection to the president, determination of medical suitability determinations for the U.S. State Department employees, insurance of the health and safety of inmates or employees in correctional institutions, and establishment of the eligibility for enlisting in certain government benefit programs. Workers' compensation laws and other similar provisions with relation to the giving of benefits for work-related injuries or illnesses may also be a factor to induce the covered entities to indulge the information even without authorization (OCR, 2003).
Covered Entities' Written Policy Procedures
Covered entities are required to do a lot of things. They must implement written PHI privacy procedures, appoint a privacy office, impose on their business associates the necessity to sign agreements with respect to the confidentiality of PHI and how it should be kept that way and rain all of their employees in privacy rule requirements. Moreover, these entities have to give patients written notice of the covered entities' privacy practices, the guidelines on the procedures in accessing their medical records, an option to request amendments to the records, a chance to limit the use or disclosure of their information, the ability to have an accounting of any use to which the PHI has been put and the chance to request alternative methods of communicating information (TWC, 2004).
Workforce associated to HIPPA
Workforce members include employees, volunteers, trainees, and may also include other persons whose conduct is under the direct control of the entity, whether or not they are receiving compensation from the entity. A covered entity must train all workforce members on its privacy policies and procedures, as necessary and appropriate for them to carry out their functions. A covered entity must have and apply appropriate sanctions against workforce members who violate its privacy policies and procedures or the Privacy Rule (TWC, 2004).
References
Centers for Disease Control and Prevention (2003). HIPPA Privacy Rule and Public Health. Morbidity and Mortality Weekly Report Vo. 52 pp. 1-12
HPPA Privacy Rule:What Employers Need to Know. Retrieved May 12, 2007 from
Office for Civil Rights (2003). Summary of the HIPPA Privacy Rule. US Department of Health and Human Services pp. 1-19
of course I would put the web address as well on my final paper
1. Make sure you use accurate abbreviations and acronyms.
* For example, is it HIPPA or HIPAA?
* Since you don't use CLIA any further in the paper after you give the full term and then put the acronym in parentheses, delete the acronym in parentheses. You don't need it if you're not going to refer to this again.
* You have used PHI without explanation; it needs to be fully spelled out just before the first time you use it.
2. Are you to be putting any of this in your own words? Or are you to simply find sources which answer the questions and then copy and paste?
3. I take it this is not a "normal" essay or research paper, but simply responding to a certain set of questions, right?
??
4. Make sure that every single word and sentence you copy and paste into your paper from an outside source has quotation marks around it/them. Otherwise, even with the citation at the end of each paragraph, you're committing plagiarism, even if you don't intend to.
(Broken Link Removed)
It looks like you have made a good start on your paper. Here are some suggestions for improving and completing it:
1. For the first question, "Does HIPAA affect the patient's access to his or her medical records?", you have provided some information about individuals' rights to access their own medical records. However, you could expand on this by providing more details about the procedure for obtaining access, such as the required request forms and timeframes for response.
2. For the second question, "Under what circumstances can personal health information be used for purposes unrelated to health care?", you have listed some of the circumstances where personal health information can be used without individual authorization. To improve this section, you could provide additional examples and elaborate on the specific scenarios or regulations that allow for the use of personal health information in each circumstance.
3. For the third question, "Are there requirements for covered entities to have written privacy policies?", you have correctly mentioned that covered entities must implement written privacy procedures. To complete this section, you can provide more details on what the privacy policies should address, such as the handling of protected health information (PHI), safeguarding PHI against unauthorized access, and ensuring compliance with HIPAA regulations.
4. For the fourth question, "How will employees in the medical office have to be trained regarding privacy?", you have stated that covered entities must train all workforce members on their privacy policies and procedures. To enhance this section, you can mention who is responsible for training (e.g., the privacy officer) and record-keeping. Additionally, you can explain the consequences if an employee does not adhere to the privacy policy and provide details on when and in what manner employees should be trained (e.g., upon hire, annually, through workshops or online courses).
Overall, your paper provides a good overview of the HIPAA Privacy Standards and its impact on patients' privacy rights and the responsibilities of medical personnel. To complete your paper, make sure to cite the specific sources you used, including the website addresses.