• Information about a patient in a patient’s health insurer’s computer system. • Billing information about a patient at the patient’s clinic. • Most other health information about the patient, held by those who must follow these laws. How is this information protected? • Covered entities must put in place safeguards to protect health information and ensure they do not use or disclose health information improperly. • Covered entities must reasonably limit uses and disclosures to the minimum necessary to accomplish their intended purpose. • Covered entities must have procedures in place to limit who can view and access a patient’s health information as well as implement training programs for employees about how to protect health information. • Business associates also must put in place safeguards to protect a patient’s health information and ensure they do not use or disclose health information improperly. What rights does a patient have over their health information? Patients have the right to: • Ask to see and get a copy of their health records. • Have corrections added to their health information. • Receive a notice that tells the patient how their health information may be used and shared. • Decide if they want to give their permission before their health information can be used or shared for certain purposes, such as for marketing. • Get a report on when and why their health information was shared for certain purposes. • File a complaint with their provider or health insurer, if they believe their rights are being denied or their health information is not being protected. Who can look at and receive health information? Health information can be used and shared: • For the patient’s treatment and care coordination. • To pay doctors and hospitals for the patient’s health care and to help run their businesses.
267
Made with FlippingBook - professional solution for displaying marketing and sales documents online