What is HIPAA?

On Behalf of | Sep 16, 2020 | Professional License Issues |

Most people in Pennsylvania might assume that the only way for you (as a healthcare provider) to risk losing your license would be to commit an error in the delivery care. While such an incident may indeed endanger your standing as a clinical practitioner, many medical license suspensions result for violations of regulatory requirements.

Many of the regulations governing the healthcare industry address the issue of patient confidentiality. This matter is especially important given the recent proliferation of electronic medical records in recent years (making it much easier to share patient data). Yet with the convenience that EMRs offer also comes the increased potential of violations of the Health Insurance Portability and Accountability Act.

Detailing HIPAA regulations

HIPAA’s primary goal is to prevent unauthorized disclosures of confidential patient information. Among the types of information protected under this Act include:

  • Locational information such as phone numbers, as well as physical and email addresses
  • Patient identifiers such as names, Social Security numbers and medical record numbers
  • Encounter-level details such as account numbers and dates of service
  • Transactional information such as claim submissions and billing invoices

HIPAA prohibits the sharing of this information by covered entities. Per the Centers for Disease Control and Prevention, organizations that fall into the category of “covered entities” are healthcare provider, health insurance plans, clearinghouses and business associated offering third-party services for healthcare entities.

Authorized disclosures under HIPAA

Yet despite the restrictions imposed by HIPAA, there are certain disclosures you can make that as part of your practice that do not constitute violations. In many cases, such disclosures are valid even without patient consent. This includes the sharing of information with other clinicians to assist with a treatment plan. You can also share protected patient information in order receive payment for services rendered.