To MARKPosted by Pauline on 4/01/04 at 09:24 (148257)
I don't know if you went forward to check out HIPAA violations but did you know that even physician websites can be in violation if they do not contain a 'Notice of Privacy Practices' in a prominent location?
Here is a check list that was provided by the government to help those involved with this issue to become compliant with this new law. Since it talks about patients I assume these guidelines were offered to help doctors. I didn't realize how inclusive and extensive this law is or it's importance. Even when I signed those papers in my own doctors offices I had no real understanding how I was protected. I think everyone should take time to read it over.
The deadline for compliance with the HIPAA Privacy Rule was April 14, 2003. Some of the things you should be doing at this point include:
Providing all patients with a Notice of Privacy Practices that contains all of the elements required by the Privacy Rule.
Posting your Notice of Privacy Practices in a prominent location and on your website.
Following written policies and procedures that are compliant with the HIPAA Privacy Rule when patients seek to exercise rights under HIPAA.
Obtaining authorization from the patients in a form that is compliant with HIPAA for all uses and disclosures that are not related to treatment, payment, or healthcare operations, or subject to one of the designated exceptions.
Entering into business associate agreements with individuals or entities who provide services on your behalf, involving the use of protected health information.
Establishing a system for patient complaints.