Site icon Find Health Tips

Common HIPAA Violations

health insurance cover

Before you start asking ‘what is a HIPAA violation?’ We’ll get that out of the way first. HIPAA is an acronym for Health Insurance Portability and Accountability Act of 1996. This act was passed in order to protect the health insurance of an employee should they change, or lose, their job. It also includes provisions to ensure both confidentiality and privacy of health information deemed to be identifiable. Everybody has a different medical situation, and the purpose of this article is to give a brief overview of the most common violations of the HIPAA code of practice.

Expiration Date Violation

Patients have the right to set their own expiration date and if confidential records are released after this date it counts as a violation

Prompt Release Failure

The rules laid down in HIPAA state that a patient can receive copies of their medical records on-demand electronically. It’s a violation if their request is not adhered to.

The Improper Disposal of Records

There is one acceptable way of disposing of medical records; shredding. Any other disposal method is a direct violation of HIPAA’s guidelines.

Unauthorized Access

Should a family member, co-worker etc access somebody’s medical records without clear authorization from the person involved it’s a violation. Such unauthorized access can be avoided with the use of tracking systems, clearance levels and password protection.

Missing Signatures

Should any HIPAA form be missing, the signature of the patient is deemed to be invalid. Releasing any information relating to this form would therefore be a violation.

The release of information to any undesignated recipient

Any patient information must be released only to the person whose name is on the authorization form. Whatever the circumstances, it’s a violation if it’s sent to anyone else.

Releasing Information for the Wrong Patient

Mistakes happen but where patients information is concerned it’s a serious violation. Staff must be extra diligent as very often there will be patients with the same, or very similar, name.

Right to Revoke

A right to revoke clause must be included in every piece of paperwork a patient signs. If there isn’t one the form becomes invalid and any information released as a result of this form being submitted will be a violation.

Inadequate Storage of Health Information

Private health information must be kept under protected storage at all times. Imagine if a laptop was stolen and simply by cracking the access code the thief had access to hundreds of medical records? Any private information which is electronically stored must be done on a secure device. Multiple passwords,file encryption etc will ensure protected storage.

Example Scenarios of HIPAA Violations

Exit mobile version