Correcting the 3 Main HIPAA Misconceptions
(aka I have HIPAA tattooed under my eyelids and I want to make it everyone else’s problem)
The act protecting your health information is HIPAA, not HIPPA. The “Health Information Privacy and Protection Act” flat-out does not exist. (What you’re thinking of is the Health Insurance Portability and Accountability Act, which does a bunch of stuff regarding insurance on top of protecting your health information. I know it’s pedantic, but this is the most useful thing to see if someone actually knows what they’re talking about.)
HIPAA protects you from healthcare organizations sharing your information without your consent. Someone asking you to share your own (or someone else’s) health information is rude, but not a HIPAA violation (unless you gained that info during your employment at a healthcare org, but if that’s the case, you already know this.)
There are a lot of exceptions to HIPAA--your health information can be shared without your consent in many scenarios. I’ve made a detailed list below the cut, but to correct the biggest misconception: yes, in some scenarios, your health provider may be required to share your information with law enforcement. This is typically mandatory reporting (think child abuse, gunshot wounds, or domestic violence), but your information can also be subpoenaed by a judge or requested by law enforcement.
Here is the government’s webpage breaking down the HIPAA Privacy Rule if you want to know more! I personally think it’s neat, but that is not everyone’s opinion. Regardless, it’s good information to have at family gatherings when someone starts going off on vaccination requirements.
Detailed breakdown of HIPAA exceptions under the cut:
TPO: This stands for Treatment, Payment and Operations, because if your health info was on complete lockdown, no healthcare entity could function. Employees can access/share your info when the info is necessary for them to...
Provide treatment (ie: your nurse can share your info with your doctor)
Receive payment (ie: giving info to your insurance company)
Maintain operations (ie: health data/medical records staff. This is me--as a health systems analyst, I can’t do my job without access to the data within the system)
Public Interest: ie: when required by law/governmental function. This includes:
Mandatory reporting (think abuse, neglect, domestic violence, gunshot wounds)
Health oversight activities. These are the organizations who evaluate and investigate whether a facility meets safety/performance regulations and standards. Trust me, you want your info shared with them
Law Enforcement. I’m going to be really specific here, because there’s been a lot of (justifiable) concern post-Roe v Wade. Your info can be shared if it is…
Subpoenaed, court ordered, or requested under a court-ordered warrant by a court, judge, or administrative tribunal
Requested by law enforcement to id a suspect, fugitive, witness, or missing person
Requested by law enforcement for info about a victim/suspected victim of crime
To alert law enforcement of a person’s death if the organization believes a crime has occurred
If the healthcare organization believes the information is evidence of a crime that occurred on its premises.
In emergency situations, providers can share information about the nature of a crime, the location of crime/victims, and the perpetrator of the crime.
Decedents: Funeral directors, coroners, and medical examiners all need your info to do their jobs. Being deceased, you can’t give your authorization, so a healthcare org sharing your info with them is not a HIPAA violation.
Organ/Eye/Tissue donation: pretty self-explanatory. Some of your information as a donor might be shared to ensure a healthy transplant.
Research (limited data sets): This one tends to freak people out at first glance, but it’s not sharing your full information. Limited data sets remove any information that could identify/be traced back to you (name, address, etc), but keep details regarding your condition/treatment(s). These can be used to supplement research data sets without your authorization.
Serious threats to health/safety. If a serious, specific threat is made against a person or the public, this can be shared with law enforcement and the person who the threat is made against. There’s a lot of grey area here in what counts as a specific threat, and this can get complicated quickly, but if someone tells a medical professional that they are planning on harming you, you will be notified alongside law enforcement. Likewise for a bomb or other public threat.
Essential government functions. If you are in prison or other correctional facility, you are not protected by HIPAA. Some government benefit programs will require the disclosure of health information. (It also includes national security and military missions).
Worker’s compensation. Healthcare orgs have to share parts of your information for you to receive worker’s comp.
I hope this cleared some things up!