HIPAAcraticRx - The Prescription for HIPAA Compliance

HOME   |   THE RISKS   |  PATH TO COMPLIANCE  |  ADDITIONAL SERVICES  |  ABOUT  |  CONTACT

20 Hempstead Turnpike, Farmingdale, New York 11735 . (516) 200-6610 . info@hipaacraticrx.com

  • White LinkedIn Icon
  • White Facebook Icon
  • White Twitter Icon
  • White Google+ Icon

© 2019 HIPAAcratic Rx -

Keeping ePHI Protected in an Age of Patient Access

July 24, 2018

 

 

Understanding the nuances of HIPAA regulations is particularly difficult now that technology affects all corners of healthcare: from telemedicine to remote patient monitoring to consumer glucose monitors to smartphones with thousands of health apps. Providers simply don’t understand the ramifications of HIPAA and other health IT laws — and where to draw the line with access.

 

According to an article in HealthTech Magazine, healthcare providers have traditionally been held responsible for all aspects of privacy and security of patient data because they created and controlled it. But boundaries shifted once electronic medical records came into play. The roles surrounding data privacy and ownership are now blurred.

 

One of the main challenges that comes with this change in ownership involves the use of smartphones by patients — in particular, patients using those devices to capture elements of their own medical data.

 

While there is some hesitation around protecting ePHI, HIPAA is clear: Patients have the right to their own medical data in any form or format. Although the provider traditionally owns the systems that record and manage that data, they don’t own the data itself. A patient can use technology (including a smartphone) to copy that data, even if it’s on a computer screen in a physician’s office.

 

Patients must understand that once they are in possession of that data -- whether it’s a photocopy, electronic copy or photograph -- they are solely responsible for the privacy and security of that data. Still, providers are concerned they will still be held accountable for the privacy and security of patient data they no longer control. Some providers will ask for a signed release, but that is not specifically required.

 

However, studies show that engaged and informed patients have better outcomes. Providing access to medical records through viable technologies, including web portals, apps or even smartphone cameras, is the new reality of care. Patients are now included as part of the care team and are responsible for the privacy and security of the data they handle — their own. The next step may be helping patients understand the importance of protecting that health data.

 

For guidance on protocols to protect your patients' ePHI, contact HIPAAcraticRx today.

Share on Facebook
Share on Twitter
Please reload

Featured Posts

Ransomware Costs Rise and Cause Downtime

July 16, 2019

1/10
Please reload

Recent Posts
Please reload

Archive