Because the Health Information Privacy and Portability Act (HIPPA) continues to be updated our printed forms became obsolete. Instead, we’re providing information on our website through a Google Drive document as our means of meeting the requirement to inform our clients about how we use your personal health information, and you can click on the highlighted links below read more about HIPAA and Privacy.
What Information is Protected (from the website)
Protected Health Information. The Privacy Rule protects all “individually identifiable health information” held or transmitted by a covered entity or its business associate, in any form or media, whether electronic, paper, or oral. The Privacy Rule calls this information “protected health information (PHI).”12
“Individually identifiable health information” is information, including demographic data, that relates to:
- the individual’s past, present or future physical or mental health or condition,
- the provision of health care to the individual, or
- the past, present, or future payment for the provision of health care to the individual,
and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual.13 Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number).
The Privacy Rule excludes from protected health information employment records that a covered entity maintains in its capacity as an employer and education and certain other records subject to, or defined in, the Family Educational Rights and Privacy Act, 20 U.S.C. §1232g.
De-Identified Health Information. There are no restrictions on the use or disclosure of de-identified health information.14 De-identified health information neither identifies nor provides a reasonable basis to identify an individual. There are two ways to de-identify information; either: (1) a formal determination by a qualified statistician; or (2) the removal of specified identifiers of the individual and of the individual’s relatives, household members, and employers is required, and is adequate only if the covered entity has no actual knowledge that the remaining information could be used to identify the individual.15
How Is This Information Protected (from the website)
- Covered entities must put in place safeguards to protect your health information and ensure they do not use or disclose your health information improperly.
- Covered entities must reasonably limit uses and disclosures to the minimum necessary to accomplish their intended purpose.
- Covered entities must have procedures in place to limit who can view and access your health information as well as implement training programs for employees about how to protect your health information.
- Business Associates also must put in place safeguards to protect your health information and ensure they do not use or disclose your health information improperly.
Update 02/2014 Imei is currently working with a developer on a prototype EMR for Google Glass users in the healthcare setting. We will be using a vetted cloud service that offers a HIPAA compliant Business Associate agreement to secure client data.