Michaud, Lauren Module 2 Assignment

docx

School

Southern New Hampshire University *

*We aren’t endorsed by this school

Course

250

Subject

Mechanical Engineering

Date

Dec 6, 2023

Type

docx

Pages

Uploaded by DeaconWaspPerson579

Module 2-2 Assignment DAT 250 Data Policy and Decision Making Lauren Michaud Southern New Hampshire University July 9, 2023

A patient’s privacy is one of the most important factors when providing accurate and reliable healthcare information today. If a patient cannot trust that their private information is not secure within the facilities they are visiting for healthcare, then there is the potential for added worries on them that could cause more harm in the future. In 1996, the Health Insurance Portability and Accountability Act was established to protect the vital information patients trust their healthcare professionals with, be it records of their visits with the professionals, the codes used for diagnosis when billing their health insurance, and the demographic information collected by the facilities they visit, to name a few examples. The Privacy Rule, which was set in 2000, sets national standards for healthcare plans, healthcare clearing houses, and healthcare professionals who handle private information electronically. The Security Rule, set in 2003, sets national standards for protecting electronic healthcare information availability, integrity, and confidentiality. ( HIPAA for Professionals , 2021) In terms of enforcing this set of regulations and national standard, that is handled by the U.S. Department of Health and Human Services Office of Civil Rights, or OCR for short. ( HIPAA for Professionals , 2021) When enforcing the standards, the process normally begins when a complaint of a violation is filed to the OCR. The OCR will then conduct an investigation into the potential violation, and depending on their findings can proceed from there. If there is a violation, they can provide training and other outreach options to help fix the problem. However, if the violation goes into criminal activity, they do work in conjunction with the Department of Justice for further investigation. ( OCR, 2008 ) The Office of Civil rights does not answer to any governing body as they are the many one that handles HIPAA violations. Within a business or facility that is covered under HIPAA, otherwise known as a “covered entity”, there must be a person assigned to the position of HIPAA Compliance Officer.

This person can be an existing employee who takes on the added responsibilities or it can be a position the covered entity chooses to make into its own position, but it is needed to be a covered entity. The compliance officer can even be split into two positions, one covering privacy and one covering security, or it can be one position itself. Either both or the one position is responsible for overseeing the privacy and security proceeds in the covered entity, provide training to the employees at the covered entity, monitor the activities at the covered entity and report any violations of HIPAA to the OCR. ( HIPAA Journal, 2023) There are many ways violations of HIPAA are handled by the OCR. As stated earlier, if the case shows evidence of criminal activity, the OCR will then work in conjunction with the Department of Justice, who will then take over the case and either find no criminal activity and send it back to the OCR, or they will accept it and move forward with the case. If it is handled only by the OCR, after a throughout investigation, the OCR can potentially find no violation or chose not to investigate, as they only investigate certain cases, in which nothing will come of a complaint. If OCR has investigated and found a violation, then the resolution can be voluntary compliance, corrective actions and/or a resolution agreement. ( OCR, 2008) HIPAA, while quite a large set of standards that the covered entities must follow, is in place to protect the sensitive information patients trust their healthcare providers and health insurance companies with daily. If this information is not protected, the patient’s private medical data and personal data has the potential to be used in ways that can harm their everyday lives. As medical professionals, there is a duty to protect the health and well-being of all the patients they may come across, and complying with the standards and regulations in HIPAA is one of the most important ways that can be done.

Your preview ends here

Eager to read complete document? Join bartleby learn and gain access to the full version

Access to all documents
Unlimited textbook solutions
24/7 expert homework help

HIPAA JOURNAL. (2017). What are the Duties of a HIPAA Compliance Officer . HIPAA Journal. https://www.hipaajournal.com/duties-of-a-hipaa-compliance-officer/ Office for Civil Rights (OCR. (2008, May 7). Enforcement Process . HHS.gov. https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/enforcement- process/index.html Office for Civil Rights (OCR. (2008, November 12). How OCR Enforces the HIPAA Privacy & Security Rules . HHS.gov. https://www.hhs.gov/hipaa/for-professionals/compliance- enforcement/examples/how-ocr-enforces-the-hipaa-privacy-and-security-rules/index.html U.S. Department of Health & Human Services. (2021). HIPAA for Professionals . HHS.gov. https://www.hhs.gov/hipaa/for-professionals/index.html