The U.S. Department of Health and Human Services issued the Privacy Rule to put into practice the requirement of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).  The Privacy Rule standards address the use and disclosure of individuals’ health information—called “protected health information” (PHI). PHI is any information held by a covered entity which concerns health status, provision of health care, or payment for health care that can be linked to an individual.

A main goal of the Privacy Rule is to assure that individuals’ health information is suitably protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public’s health and well being. An appropriate balance is maintained by the rule that permits important uses of information, while protecting the privacy of people who seek care and healing.

The Privacy Rule gives individuals the right to request that a covered entity correct any inaccurate PHI. It also requires covered entities to take reasonable steps to ensure the confidentiality of communications with individuals. Also covered entities are required to notify individuals of uses of their PHI. A track of disclosures of PHI and document privacy policies and procedures need to be maintained by the covered entities. A Privacy Official and a contact person responsible for receiving complaints must be appointed and all the members of their workforce in procedures regarding PHI must be trained properly to avoid any kind of divergence.

HIPAA’s Privacy Rule requires that a covered entity must develop comprehensive HIPAA Privacy policies with respect to PHI. It is essential that the policies and procedures must be reasonably designed, taking into account the size of and the type of activities that relate to protected health information undertaken by the covered entity, to ensure such compliance.

“Essentially, a covered entity is required to develop and implement policies and procedures appropriate to the entity’s business practices and workforce that reasonably minimize the amount of protected health information used, disclosed, and requested;” – HIPAA Privacy Rule 45 CFR Part 160

To jump start your HIPAA Security policy creation, it is recommend to use templates. HIPAA Privacy Policies templates can be used by Healthcare entities like Hospitals, Insurers, Long Term Care/Skilled Nursing Facilities, Ambulatory Surgery Centers, Assisted Living/Intermediate Care Facilities, Clinical Laboratories, Clinics, Dialysis Providers, Employer Plans, HMOs, Home Health Agencies, Hospices, Pharmacies, Physicians, PPOs, Rehabilitation Facilities, other payees & providers and business associates of healthcare organizations

We recommend these Privacy Policies templates to achieve your HIPAA Privacy Compliancewhere all 51 policies are available in MS Word format and can be easily customized as per your requirements.

References
Tabak, N. &Ozon, M. (2004). The influence of nurse attitude, subjective norms and
Perceived behavioral control on maintaining patient’s privacy in hospital setting.
Ellis,J.R. & Hartley, C.L. (2000). Nursing in Today’s World: Challenges, Issues and
Trends (7th ed.), Lippincott.
Chinn. (1984). Professional Nursing Concepts and challenges. B.Standers Company.
London.
Lippincott. W, (2006) 8th ed. Manual Nursing Practice. Lippincott Company,
Philadelphia.

Q: Why home health care?
A: Home health care is a cost-effective option for receiving health care services. Returning to one’s home and family can quicken recovery and improve the quality of life for both patient and family or caregiver.

Q: Who pays for home health care?
A: Most health insurance companies, HMOs, PPOs and Workers Compensation cover home health care. In addition, Medicare and Medicaid pay for home care services. Some insurance providers do not cover all home health services. Our staff will verify health coverage for the patient.

Q: What criteria are required for Medicare to approve services?
A: The following criteria are used to meet Medicare requirements:
• The patient is a Medicare recipient.
• The patient must be homebound. This is defined by Medicare as “normal inability to leave the home and that leaving the home requires considerable and taxing effort.”
• The skilled care must be medically necessary as determined by the physician.

Q: What if I have a problem at night or on the weekend?
A: We have registered nurses on call 24 hours a day, 7 days a week.

Q: Do I need a physician’s order for home health care?
A: Yes, all health care provided in the home occurs under direct order and supervision of the patient’s physician.

Q: What types of services can be provided at home?
A: Many medical conditions that previously required hospitalization can safely be treated in the home. Home care services may include but are not limited to:

Skilled Nursing:
• Observation and assessment of condition
• Patient and family education of disease process
• Management and evaluation of patient care plan
• Medication education and management
• Dressing changes
• Home safety education
• Wound care
• Catheter care
• Injections
• IV therapy
• Ostomy care
• Pain management
• Diabetic care
• Nutritional support

Assistance with Daily Living:
• Bathing/dressing
• Transfer/ambulation
• Light meal preparation
• Light housekeeping
• Grocery shopping
• Medication reminder
• Laundry
• Companionship/Conversation
• Reading/writing
• Pet sitting/walking
• Escort to appointments
• Live-ins
• Respite
• Exercise therapy assistance

Q: How does Paloma Home Health Care, Inc. ensure quality care in the home?
A: Providing continuous quality care to patients is paramount to all we do. All patients are given a patient satisfaction survey that is incorporated into our ongoing evaluation process to continually increase our patient satisfaction. New programs and processes are developed through our quality improvement team to promote favorable outcomes.

Q: How do I find out more about home health care?
A: Please call our office to learn more about how you can benefit more about the service, at 972 346 2013

Q: What services can Paloma Home Health Care, Inc. offer?
A: Our services include but are not limited to:
• Supportive Care Education of Disease Process
• Individual and Family Counseling
• Management and Evaluation of Patient Care
• Observation and Assessment
• Home Safety and Emergency Education
• Medication Education
• Assistance with ADLs
• Nutrition Education
• Restorative Therapy (Physical, Occupational and Speech)

Drug stores provide medications for all kinds of ailments. These can be prescription drugs or over-the-counter drugs. Over-the-counter drugs do not need a prescription from a qualified doctor. Online pharmacy is best help to those people who is too shy to share their problems with doctor. Online drug store pharmacy keeps people out of embarrassment of sharing health privacy with doctor. With this option, one can get his desired drug delivered at his doorstep confidentially.

Online drug store pharmacy somewhat guarantees one to avail drugs at cheaper rate than one can buy from market. Online pharmacies source their goods directly from the manufacturer or wholesaler. They get cheaper prices which makes online customers to buy it at cheap rates. If one is a regular user of buying drugs through online pharmacy, he could end up saving thousands of pounds over the year.

While one is using the service of online drug store, he has to be careful about unregistered pharmacy who deliever unlicensed drugs to buyers. Besides, online buyers have to be wary about the mode of payment. Online pharmacies offer secure modes of payment in tie-up with several leading banks and well known world wide payment facilitators.

Online drug store pharmacy tries their utmost to keep customers at convenience. Many of online pharmacies have their own medical practitioner who advices and prescribes to suffering people. But, one should consult his doctor before using any medication for the first time.

Besides, saving plenty of time and money, Drug store pharmacy online keep people seeking medication at ease. With the increased busy schedule in life, online pharmacy is all set to be very popular among people for the treatment of various diseases.

Whether you’re for or against federal efforts to help people buy health insurance, you should know that the reform bill before the Senate would mandate a healthcare system that is definitely “not free.”

What most of us know about the Democratic bill is that it requires nearly all Americans to have health insurance. What most of us don’t know is that it requires us to buy a minimum level of insurance approved by the federal government, and forces health plans and providers to share our personal health information with the federal government and other entities.

If this bill becomes law, we could each be assigned a national beneficiary ID number or card (possibly an electronic device). And our personal health information will flow electronically to the US secretary of Health and Human Services (HHS) – and many others – without our consent.

Sound farfetched? Buried in the Senate bill’s 2,074 pages are provisions that actually permit and foster such things. Freedom and privacy are often lost in the fine print – which is why we’ve been studying the Senate bill since it was released Nov. 19 to help uncover the facts. Here are five highly invasive provisions Americans should know:

1. Mandatory insurance

Bill text: “Sec. 1501. Requirement to Maintain Minimum Essential Coverage…. An applicable individual shall for each month beginning after 2013 ensure that the individual, and any dependent of the individual who is an applicable individual, is covered under minimum essential coverage for such month.”

Translation: Uncle Sam will now serve as your national insurance agent and force you to buy “minimum essential coverage” – or else you’ll have to pay an annual fine.

However, what Congress considers “minimum essential coverage” and “essential health benefits requirements” includes comprehensive coverage that many neither need nor want. Plus, those who prefer to carry catastrophic-only coverage won’t have a free range of options for such coverage.

Bottom line: In a free society, the government should not force citizens to buy any product nor should the government mandate citizens’ level of health-insurance coverage.

Rather than imposing penalties to coerce people into government-sanctioned health insurance, Congress should offer incentives to help those who wish to buy insurance but find it unaffordable.

Congress could allow everyone to deduct the full cost of health insurance (and provide tax credits for those with no tax liability), while offering assistance to those who can’t afford insurance and subsidize high-risk pools for those with preexisting conditions.

Helping those in need is a much better way to reform our nation’s healthcare system than overhauling the entire system and putting Big Brother in charge of deciding what is acceptable coverage for nearly every American.

2. Electronic data exchanges

Bill text: “Sec. 1104. Administrative Simplification…. (h) Compliance. – (1) Health Plan Certification. – (A) Eligibility for a Health Plan, Health Claim Status, Electronic Funds Transfers, Health Care Payment and Remittance Advice. – Not later than December 31, 2013, a health plan shall file a statement with the Secretary, in such form as the Secretary may require, certifying that the data and information systems for such plan are in compliance with any applicable standards (as described under paragraph (7) of section 1171) and associated operating rules (as described under paragraph (9) of such section) for electronic funds transfers, eligibility for a health plan, health claim status, and health care payment and remittance advice, respectively.”

Translation: Requiring everyone to buy federally sanctioned health insurance, and then forcing qualified plans to comply with Administrative Simplification requirements, provides the government and health industry with power they would not be able to exercise in a free market.

Administrative Simplification rules are a product of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. They lay the foundation for a nationally linked database of personal health information. A federal “Nationwide Health Information Network” (NHIN) is well under way in the United States, without assurances that individuals will control their personal health data.

Bottom line: Americans should be able to contract privately with the insurance companies of their choice. Patients should be able to decide whether to have electronic or paper medical records, and not have the government require electronic records, which are then included in a nationally linked database.

3. Real-time health and financial data

Bill text: “Sec. 1104. Administrative Simplification…. (4) Requirements for Financial and Administrative Transactions. – (A) In General. – The standards and associated operating rules adopted by the Secretary shall – (i) to the extent feasible and appropriate, enable determination of an individual’s eligibility and financial responsibility for specific services prior to or at the point of care…. (i) Eligibility for a Health Plan and Health Claims Status. – The set of operating rules for eligibility for a health plan and health claim status transactions shall be adopted not later than July 1, 2011, in a manner ensuring that such operating rules are effective not later than January 1, 2013, and may allow for the use of a machine readable identification card.”

Translation: Administrative Simplification rules are being expanded to gather real-time financial and health data on individuals through a tracking ID, possibly a “machine readable” ID card (electronic device).

Bottom line: Moving forward with real-time data collection without an ethical patient consent provision means everyone loses their health-privacy rights. Congress needs to enact strong patient consent provisions for all health data, especially data collected “real-time.”

4. Health data network

Bill text: “Sec. 6301. Patient-Centered Outcomes Research.… (f) Building Data for Research. – The Secretary shall provide for the coordination of relevant Federal health programs to build data capacity for comparative clinical effectiveness research, including the development and use of clinical registries and health outcomes research data networks, in order to develop and maintain a comprehensive, interoperable data network to collect, link, and analyze data on outcomes and effectiveness from multiple sources, including electronic health records.”

Translation: Your personal health information may soon be studied by government scientists. Washington is creating a new research center that plans to use patients’ electronic health records for conducting research and creating disease registries. The data network is comprehensive and includes use of electronic health records.

Bottom line: Federal funds should not be used to collect data electronically and conduct research on patients’ personal health information without their consent.

5. Personal health information

Bill text: “Sec. 6301. Patient-Centered Outcomes Research…. (B) Use of Data. – The [Patient-Centered Outcomes Research] Institute shall only use data provided to the Institute under subparagraph (A) in accordance with laws and regulations governing the release and use of such data, including applicable confidentiality and privacy standards.”

Translation: Think your health privacy is protected? It’s not. This language refers to “applicable confidentiality and privacy standards,” but HIPAA’s so-called privacy law permits individuals’ personal health information to be exchanged – for many broad purposes – without patients’ consent (See 45 CFR Subtitle A, Subpart E – Privacy of Individually Identifiable Health Information; section 164.502(a)(1)(ii) “Permitted uses and disclosures”).

Bottom line: Trust is a must for ensuring quality healthcare. Thus, as stated above, Congress needs to pass a strong, ethical patient consent law that ensures patients have control over the flow of their personal health information.

What about the consent of the governed?

All told, the national mandatory health-insurance bill puts the federal government in charge of individuals’ insurance choices and data privacy. This philosophy of governing is the opposite of America’s founding principle: consent of the governed.

Without health freedom and privacy rights, Congress is opening the door for many wrongs to be committed – all in the name of covering the uninsured.

A. Discuss your confidentiality concerns with your doctor. If you want a specific condition to be held in confidence by your personal physician, bring a written request to the appointment that revokes your consent to release medical information to the insurance company and/or to your employer for that visit. You must also pay for the visit yourself rather than obtain reimbursement from the insurance company.

To be especially certain of confidentiality, you may need to see a different physician altogether and pay the bill yourself, forgoing reimbursement from the insurance company. Realize that under HIPAA, your attempts to restrict the sharing of specific records can be denied by the health care provider.

B. Ask your health care provider to use caution when photocopying portions of your medical records for others. Sometimes more of your medical records are copied than is necessary, for example, when requested by the insurance company or another health care provider.

C. Find out if your health care provider has a policy on the use of cordless and cellular phones and fax machines when discussing and transmitting medical information. Wireless telephones are not as private as standard “wireline” telephones. Because they transmit by radio wave, phone conversations can be overheard on various electronic devices. Digital systems are more secure. (See PRC Fact Sheet 2: Wireless Communications)

Fax machines offer far less privacy than the mail. Frequently many people in an office have access to fax transmissions. Staff members at all levels of the organization should take precautions to preserve confidentiality when sending and receiving medical documents by fax machine. (See PRC Fact Sheet 12: Checklist of Responsible Information Handling Practices)

Your medical information is not confined to health care institutions. Here are some additional situations where you must be careful to protect your privacy.

D. If your records are subpoenaed for a legal proceeding, they become a public record. Ask the court to allow only a specific portion of your medical record to be seen, or better yet, not to be open at all. A judge will decide what parts, if any, of your medical record should be considered private. After the case is decided, you can also ask the judge to “seal” the court records containing your medical information.

E. If your employer is self-insured, the human resources department is likely to have information about any health-related claims that you file. If you are concerned about the privacy protection policies and practices of your employer, talk to the appropriate administrator. You should consider following up with a letter to the head of the department that handles health-related information. Diplomatically stress your desire for all of your health information to be handled with the utmost confidentiality. Keep a copy for yourself, filed at home.

F. Think twice before filling out marketing-related questionnaires. They commonly contain sections that ask for a great deal of family health information. The loss of your medical privacy is a high price to pay in exchange for a few free coupons or a chance to win a contest. For more information, read the PRC’ s 2001 testimony to the Federal Trade Commission.

G. Before participating in health screenings offered in shopping malls and other public places, find out what uses will be made of the medical information that is collected. If you are not given the opportunity to say “no” to the sharing of your medical information with others, don’t participate.

H. Use caution when visiting health-related websites and when participating in online discussion groups.

• Carefully read the privacy policies and terms of services of medical websites. Do not fill out registration forms unless you are satisfied with the web operator’s privacy policy.
• Use a pseudonym when participating in chat rooms and online forums.
• Before sharing personal information with a health website, find out if it participates in a web seal program such as TRUSTe, URAC Health Web Site Accreditation, HON (Health on the Net) and BBBOnline.
• Remember, companies can change their privacy policies at any time. And if the company goes bankrupt, its data base of user information could be sold to the highest bidder.

I.  Establish your own history of treatment. If you decide to change physicians or health care organizations, it is a good idea to obtain copies of your medical records. Physicians may retire, move out of state or merge practices with other physicians. Health care facilities may merge with another facility or even go out of business following bankruptcy. Get copies of medical records while you can. Don’t count on your ability to get your records years after treatment. If your doctor or health care provider goes out of business, be sure to find out where they intend to store the medical records of their patients.

Although HIPAA does not require that medical records be kept for a set time, many states have such laws. To find out what your state has to say about retention of medical records, see the following American Health Information Management Association (AHIMA) Practice Brief: Retention of Health Information.

J. If your employer offers an employee health or wellness program, an EHP, ask about any established privacy policy. You want to know whether your progress reports will be maintained by an outside consultant or made a part of your permanent personnel file.

A. Insurance companies usually require you to release your records before they will issue a policy or make payment under an existing policy. This is especially true if you apply for individual health insurance as opposed to a group health plan available through your employer.

Insurance companies are considered financial institutions under the federal GLB law. Like banks and brokerage houses, they must provide you a notice of how they gather and use your customer information. You may have the right to opt-out of sharing some information with other companies.

To learn more about the insurance privacy laws in your state, visit your state’s Department of Insurance website. Find your state’s Department of Insurance by visiting the National Association of Insurance Commissioners website. Medical information gathered by an insurance company may also be shared with others through the Medical Information Bureau (see below).

B. Government agencies may request your medical records to verify claims made through Medicare, MediCal, Social Security Disability, and Workers Compensation.

C. The Medical Information Bureau (MIB) is a central database of medical information shared by insurance companies. Approximately 15 million Americans and Canadians are on file in the MIB’s computers. About 600 insurance firms use the services of the MIB primarily to obtain information about life insurance and individual health insurance policy applicants.When you apply for life or health insurance as an individual, you are likely to be asked to provide information about your health. Sometimes you are required to be examined by a doctor and/or to have your blood and urine tested. If you have medical conditions that insurance companies consider significant, the insurance company will report that information to the MIB.The information contained in a typical MIB record is limited to codes for specific medical conditions and lifestyle choices. Examples include codes to indicate high blood pressure, asthma, diabetes, or depression. A code can signify participation in high-risk sports such as skydiving. A file would also include a code to indicate that the individual smokes cigarettes. The MIB uses 230 such codes.It’s important to remember the following about the MIB:

• The MIB is not subject to HIPAA.MIB files do not include the totality of one’s medical records as held by your health care provider. Rather it consists of codes signifying certain health conditions.
• A decision on whether to insure you is not supposed to be based solely on the MIB report.
• The MIB is a consumer reporting agency subject to the federal Fair Credit Reporting Act (FCRA). If you are denied insurance based on an MIB report, you are entitled to certain rights under the FCRA, including the ability to obtain a free report and the right to have erroneous information corrected. See the Federal Trade Commission’s website on insurance decisions.

The MIB does not have a file on everyone. But if you have an MIB file, you will want to be sure it is correct. You can obtain a copy for free once a year by calling (866) 692-6901 (TTY for the hearing impaired (866) 346-3642) or by visiting the MIB’s website.

In general the MIB can be contacted at Medical Information Bureau, P.O. Box 105, Essex Station, Boston, MA 02112, or by sending an email to infoline@mib.comWeb: www.mib.com.

D. IntelliScript and MedPoint are databases that report prescription drug purchase histories to insurance companies. Like the MIB reports, IntelliScript and MedPoint reports are used primarily when consumers are seeking private health, life or disability insurance. Prescription drug databases can go back as far as five years, detailing drugs used as well as dosage and refills.

With a history of prescription drugs in hand, insurers may make assumptions about medical conditions and assess the risk of writing an insurance policy. Information in an IntelliScript or MedPoint report may prompt an insurer to deny coverage for certain conditions, increase insurance premiums, or deny coverage altogether. Such adverse actions by insurance companies trigger a sequence of consumer rights under the Fair Credit Reporting Act (FCRA).

Until recently, use of prescription drug databases was unknown to consumers. Insurers’ use of these databases first came to light in 2007 when the Federal Trade Commission (FTC) sued Milliman, the owner of the IntelliScript database, and Ingenix, Inc., owner of the MedPoint database.

The FTC claimed that the companies are consumer reporting agencies subject to the FCRA. Both cases were settled without the data brokers paying a monetary penalty, but Milliman and Ingenix agreed to follow the FCRA. This means, among other things, that consumers who apply for private insurance and are turned down because of something in an IntelliScript or MedPoint report are entitled to a copy of the report from their insurance company and an opportunity to dispute the accuracy of information in the report.

Individuals who have applied for individual health, life or disability insurance may also request a copy of any prescription report directly from MedPoint or IntelliScript. Reports are available once a year whether or not there has been an adverse decision by an insurance company.

You can request a copy of your MedPoint report by calling (888) 206-0335 or writing to: MedPoint Compliance, Ingenix, Inc., 2525 Lake Park Blvd, West Valley City Utah 84120. Additional contact information can be found atwww.ingenix.com/ContactUs/

IntelliScript reports are available by calling the toll-free request line at (877) 211-4816. Consumers will have to provide their full name, date of birth, last four digits of their Social Security number and current zip code. Milliman will provide a copy of any information the company has on an individual as well as the names of insurance companies that have requested a prescription history. The Milliman webpage “How does it work?” includes information about the product as well as additional contact information.

E. Employers usually obtain medical information about their employees by asking employees to authorize disclosure of medical records. This can occur in several ways not covered by HIPAA. Unfortunately, the laws in only a few states require employers to establish procedures to keep employee medical records confidential. (For example, California Civil Code §56.)

A potential employer may ask for medical information as part of an employment background check, with limitations as explained below. To learn more on employment background checks and an employer’s obligations under the FCRA, read PRC Fact Sheet 16: Employment Background Checks,  and the FTC’s website on background checks.

According to the federal Americans with Disabilities Act in workplaces with more than 15 employees (ADA text, 42 USC §12101 et seq.)

• Employers may not ask job applicants about medical information or require a physical examination prior to offering employment. After employment is offered, an employer can only ask for a medical examination if it is required of all employees holding similar jobs.
• If you are turned down for work based on the results of a medical examination, the employer must prove that it is physically impossible for you to do the work required.

Report violations of the ADA to the U.S. Equal Employment Opportunity Commission (EEOC). Phone: (800) 669-4000. Web: www.eeoc.gov.

For more on health information in the workplace, see the Department of Health and Human Services webpage on Employers and Health Information in the Workplace.

F. Your medical records may be subpoenaed for court cases. If you are involved in litigation, an administrative hearing, or a worker’s compensation hearing and your medical condition is an issue, the relevant parts of your medical record may be copied and introduced in court. Whether or not some or all of your medical information is deemed “relevant” may depend on the judge or skill of the attorneys involved.

In addition, law enforcement officials may receive protected health information in other situations such as an instance of abuse, a death, a gunshot or stabbing. For more on circumstances that allow law enforcement to have access to medical information, see the Health and Human Services Frequently Asked Questions.

G. Other disclosures of medical information occur when medical institutions such as hospitals or individual physicians are evaluated for quality of service. This evaluation is required for most hospitals to receive their licenses. Your identity may or may not be disclosed when medical practices are evaluated. Evaluations for accreditation are called “health care operations” under HIPAA. Consent to use your information for these purposes is usually not required.

Occasionally your medical information is used for health research and may be disclosed to public health agencies like the Centers for Disease Control. Specific names are usually not given to researchers. Their use of patient information is covered by HIPAA. (U.S. Dept. of Health and Human Services and PRC Fact Sheet 8a: HIPAA Basics)

H. Medical information may be passed on to direct marketers when you participate in informal health screenings. Tests for cholesterol levels, blood pressure, weight and physical fitness are examples of free or low-cost screenings offered to the public. Screenings are often conducted at pharmacies, health fairs, shopping malls, or other nonmedical settings. The information collected may end up in the data banks of businesses which have products to sell related to the test.

I. A tremendous amount of health-related information is found on the Internet. Many discussion forums are available for individuals to share information on specific diseases and health conditions. Websites dispense a wide variety of information. There is no guarantee that information you disclose in any of these forums is confidential. Always review the privacy policy of any website you visit.

Financial records. The federal Gramm-Leach-Bliley Act (GLB) allows financial companies such as banks, brokerage houses, and insurance companies to operate as a single entity. GLB gives you the right to be notified about the information-sharing practices of financial institutions. And you must be given an opportunity to opt-out of third-party information sharing. But GLB does not keep information from being shared among affiliated companies.

Your credit card account and checking transactions are likely to include information about where you go for health care. Insurance applications and medical claims also contain health-related information. So it is possible for such medical information to be shared among affiliates of financial institutions. Such information is not protected by HIPAA.

Some financial companies promise extra protection for medical information. And insurance companies may be prohibited from giving information to an affiliated bank by state insurance laws. It pays to examine the privacy notices of financial institutions carefully. (Read PRC Fact Sheet 24: Protecting Financial Privacy.)

In addition, the Fair Credit Reporting Act (FCRA) now limits the way financial companies can use medical information when you apply for credit. For example, if you apply for a car loan, the lender can consider debts for unpaid medical bills just like any other debt. However, the lender cannot ask about your medical condition and must treat medical bills like any other debt in deciding whether to give you a loan. Another section of this law now says that credit bureaus cannot report the name, address or telephone number of any medical creditor, unless the information is reported in code.

For more on your medical information, lenders and the credit bureaus, see PRCFact Sheet 6b: FACTA, The Fair and Accurate Credit Transactions Act.

Education records maintained by your child’s school contain vaccination histories, information about physical examination for sports, counseling for behavioral problems, and records of visits to the school nurse. Privacy of education records is under the control of the U.S. Department of Education and the Family Educational Rights and Privacy Act (FERPA). These records are not covered by HIPAA.

For more information about FERPA, visit the Department of Education’s website on FERPA.

Also see guidance on education records and HIPAA issued jointly by the Department of Education and the Department of Health and Human Services.

Employment records and medical information may be mingled in situations not covered by HIPAA. Your employer may be covered by the Occupational Safety and Health Act (OSHA). If so, you have the right to access your medical records gathered for your employer’s OSHA responsibilities. (See the U.S. Department of Labor website on employee’s rights under OSHA)

In addition, the federal Family and Medical Leave Act (FMLA) gives most workers the right to 12 weeks of unpaid leave a year for personal and family health. If FMLA leave is because of a serious illness, your employer may request a doctor’s certification of the illness. But the employer cannot make you produce medical records. See the U.S. Department of Labor website for more information on FMLA.

Employers, in an effort to control rising healthcare costs, now offer a variety of health and fitness programs. Many programs, often called Employee Health Programs or EHPs, are offered by outside contractors that service multiple employers.

EHPs may be as simple as a lunchtime exercise class or include a highly-structured weight loss plan with personal trainers, individualized diets, exercise plans and close monitoring of weight, blood pressure, or body mass index. Employees, in some case, may also receive counseling for personal and family problems or substance abuse through programs established by their employer. Such programs are generally not covered by HIPAA. As such, there is no universal privacy standard that applies to all programs.

If your employer is self-insured for employees’ medical benefits, its handling of insurance claims and other health-related information is covered by HIPAA. In this capacity, the employer would be considered a “hybrid” entity. For more information on HIPAA involving employer group health plans and self-insurance situations, read PRC Fact Sheet 8a: HIPAA Basics.

In fact an employment law attorney represents workers in cases such as discrimination, wrongful termination, workplace safety and unfair labor practices in general. As stated, in the Equal Employment Opportunity Commission, an employee can not be discriminated based on his race, color, religion, sex or national origin. An EEO lawyer is here to help protect such rights.

One area of expertise of Alan Lescht & Associates is into federal employee issues. Those types of cases can be extremely complex and they do take time. Thus, dealing with a federal employment lawyer can be a necessity, as they have experience in this kind of environment.

If you have suffered any kind of harassment or discrimination, Alan Lescht & Associated is the law firm with the experience and results you need. They got several multi-million-dollar settlements in the past. They will remain attentive and answer any questions you may have during your case.

Contact information:

Alan Lescht & Associates, P.C.
1050 17th Street, NW Suite 220
Washington, DC 20036-5545
tel: (202) 463-6036
fax: (202) 463-6067

Your Health Information Is Protected By Federal Law

Most of us believe that our medical and other health information is private and should be protected, and we want to know who has this information. The Privacy Rule, a Federal law, gives you rights over your health information and sets rules and limits on who can look at and receive your health information.

Who Must Follow This Law

We call the entities that must follow the Privacy Rule covered entities.

Covered entities include:

• Health Plans, including Health Insurance companies, HMOs, company health plans, and certain government programs that pay for health care, such as Medicare and Medicaid.
• Most Health Care Providers—those that conduct certain business electronically, such as electronically billing your health insurance—including most doctors, clinics, hospitals, psychologists, chiropractors, nursing homes, pharmacies, and dentists.
• Health Care Clearinghouses—entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa.

Who Is Not Required to Follow This Law

Many organizations that have health information about you do not have to follow this law.

Examples of organizations that do not have to follow the Privacy Rule include:

• life insurers,
• employers,
• workers compensation carriers,
• many schools and school districts,
• many state agencies like child protective service agencies,
• many law enforcement agencies,
• many municipal offices.

What Information Is Protected

• Information your doctors, nurses, and other health care providers put in your medical record
• Conversations your doctor has about your care or treatment with nurses and others
• Information about you in your health insurer’s computer system
• Billing information about you at your clinic
• Most other health information about you held by those who must follow this law

How Is This Information Protected

• Covered entities must put in place safeguards to protect your health information.
• Covered entities must reasonably limit uses and disclosures to the minimum necessary to accomplish their intended purpose.
• Covered entities must have contracts in place with their contractors and others ensuring that they use and disclose your health information properly and safeguard it appropriately.
• Covered entities must have procedures in place to limit who can view and access your health information as well as implement training programs for employees about how to protect your health information.

Mailing Address and Telephone Number

The U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Washington, D.C. 20201
Telephone: 202-619-0257
Toll Free: 1-877-696-6775

Source: http://www.hhs.gov