Ever wonder what the acronym HIPAA stands for, how it relates to health care professionals, as well as you, the patient? Violations of the HIPAA Privacy rule greatly impacts health care professionals, specifically those working in a pharmacy, such as pharmacists and pharmacy technicians. Let’s read further to learn more about HIPAA, more specifically the Privacy Rule. The 1996 Health Insurance Portability and Accountability Act, better known as HIPAA, is a federal law that contains national standards, created to protect a patient’s medical and health information, among other things as well.
All health care workers, including pharmacists and pharmacy staff, who have access to patient information must comply with HIPAA and the Privacy Rule (Christenson). In August 2002, the Standards for Privacy of Individually Identifiable Health Information or “Privacy Rule”, was established to implement the requirements of the HIPAA Act. This rule describes what health workers need to do to protect the privacy of their patients’ health information. The Privacy Rule was established to protect patient health information by placing limits on how patient information can be used or disclosed.
The Privacy Rule is just one part of HIPAA, but nonetheless a very important part to health care workers, including pharmacy employees. (HIPPA for Pharmacy Staff) With the establishment of the HIPAA Privacy Rule, a patient’s right to have his or her health information kept private and secure became more than just an ethical obligation of physicians and hospitals t became the law. Protecting patients’ privacy must be part of the daily routine of a pharmacy and is the responsibility of the pharmacist, pharmacy technicians, and the entire staff, therefore the Privacy Rule affects the everyday practice of a pharmacy.
To protect the rights of pharmacy patients, pharmacy technicians need to fully understand and be familiar with the laws of the Privacy Rule. As you perform your job, patient privacy needs to be protected. Patients expect privacy when they receive healthcare, including within a pharmacy. This means that they expect all of their medical information to be kept private and confidential. A patient’s privacy is violated when pharmacy staff or any other health care workers improperly use, disclose or allow unauthorized access to confidential health information. (HHS. gov)
You may ask yourself, “What is considered private health information and what type of information needs to be protected? ” “Protected Health Information”, or rather PHI, is the common phrase referred to in HIPAA rules for the pieces of information which must be kept confidential. The most common protected health information a pharmacy keeps is the patients name, address and phone number, date of birth, age, Health Plan, Medicare or Medicaid ID number, Diagnosis or diagnosis code, and Social Security number. There are, of course, other pieces of information that is considered PHI.
PHI is considered any piece of information that identifies an individual patient. Pharmacies keep records which contain PHI in order to care for patients, bill for products and services or operate effectively. Your pharmacy computer records, prescription files, dispensing reports and backup files all contain PHI. Privacy has to do with patient rights to control sharing of their PHI. Any person has the right to choose whether or not they want their health information shared with anyone except those directly involved in their health care. (HIPPA for Pharmacy Staff)
Most of the time, health care workers do all they can to protect their patients confidential health information, but unfortunately there are times when a patient’s private medical information is used and disclosed in the wrong way, and violation of the Privacy Rule occurs. Consider the following scenario; Mary, a pharmacy technician working in a small community pharmacy, is on the phone in the prescription department joking with a friend about a patient named Jack, a 76-year old family friend who had just been prescribed Viagra. Jack’s neighbor and close friend overheard the technician’s conversation and became highly offended.
She plans on telling Jack what she heard as soon as she gets home. Ask yourself this questions … “has Mary, the pharmacy technician, just violated the HIPAA privacy rule? The answer is of course “yes”! Mary has violated a patient’s privacy by discussing health matters with someone who is not a health care worker and within earshot of other patients. (HIPPA for Pharmacy Staff) As stated before, protecting patients’ privacy must be part of the day-to-day work of the pharmacy dispensing staff as well as all employees who have access to patient information to protect against improper disclosure.
Discussions about patient care and any personal medical information needs to be kept private to reduce the likelihood that those who do not need to know will overhear. Many times legal cases may occur involving violations of the HIPPA Privacy Rule. One such case is that involving the Rite Aid Pharmacy Corporation, which was cited for violation of the HIPPA Privacy Rule. Rite Aid was reported to have disposed of prescriptions and labeled pill bottles containing individuals’ identifiable information in industrial trash containers that were accessible to the public.
Disposing of individuals’ health information in an industrial trash container accessible to unauthorized persons is not compliant with several requirements of the HIPAA Privacy Rule and exposes the individuals’ information to the risk of identity theft and other crimes. “It is critical that companies, large and small, build a culture of compliance to protect consumers’ right to privacy and safeguard health information. OCR is committed to strong enforcement of HIPAA,” said Georgina Verdugo, director of OCR.
It was also noted that Rite Aid failed to implement adequate policies and procedures to appropriately safeguard patient information during the disposal process and Rite Aid failed to adequately train employees on how to dispose of such information properly. As a result of this violation, Rite Aid agreed to pay $1 million dollars to settle the HIPPA Privacy Case. This case clearly defines the importance of making sure that employees fully understand and are properly trained in all of the HIPPA rules and regulations when it comes to maintaining patient privacy and confidentiality.
In Conclusion, the HIPPA Privacy Rule greatly impacts any health care professional, specifically relating to a pharmacy and its entire staff when dealing with patient information on a daily basis. As an employee working in a pharmacy, whether it is a community pharmacy, hospital pharmacy, or any other type of pharmacy, one of your jobs will be to help maintain privacy for patients as they receive care and help protect the confidentiality of their private information.
There will be times when you will hear or see patient information and you are expected to not seek out information about patients unless it is job-related. When you do see or hear information in the course of doing your job, always remember that the information is should be considered confidential and you are not allowed to repeat it or share it with others. As a future pharmacy technician, I will come in contact with patients on a daily basis and will be required to use their personal information as a part of my job duties.
Therefore it is my responsibility to fully understand and become properly educated with the HIPPA Privacy Rule in order to protect the privacy of all the patients I will encounter. Whether I am on the job or off the job, it is my obligation to adhere to the HIPPA privacy rule and keep every bit of a patient’s information confidential. Proper use of this information, using it only as needed for prescription use is required. In addition, I will also play an important role in developing policy and procedures for using patient information and identifying situations to which the Privacy Rule applies.
A pharmacy needs to be committed to protecting patient privacy and confidentiality, and pharmacy technicians are just one important piece of the whole team to make sure that patient confidentiality is being maintained. The ultimate goal is to keep the patients best interest and treat them with the utmost respect and dignity. Understanding the HIPPA Privacy rule can be very overwhelming and confusing, but just remember that patient privacy should be top priority for pharmacy staff. HIPAA has many rules, but most are pretty much common sense and are pretty easy to follow.
WE WILL WRITE A CUSTOM ESSAY SAMPLE ON
ANY TOPIC SPECIFICALLY
FOR ONLY $13.90/PAGEWrite my sample
HIPPA Violations Essay
1174 Words5 Pages
Disclosing confidential patient information without patient consent can happen in the health care field quite often and is the basis for many cases brought against health care facilities. There are many ways confidential information gets into the wrong hands and this paper explores some of those ways and how that can be prevented. When confidential patient information is disclosed without consent it is a violation of the HIPAA Title II Security Rule. This rule was enacted in response to private information being leaked to the news and emails containing privileged information were read by unauthorized people. Identity theft is a real concern so patient privacy should be taken seriously. This is a rule can easily be broken without the…show more content…
Consent and authorization are treated differently when it comes to the privacy rule. Consent gives doctors who directly care for the patient permission to use and disclose protected health information (PHI), for the purposes of treating the patient. Authorization on the other hand, is more specific to the procedure or treatment being performed at the time and has an expiration date. An authorization is needed to disclose PHI to employers for employment decisions or to insurance companies to determine eligibility for life insurance. So, giving consent for treatment does not give a health care entity permission to disclose PHI to unauthorized third parties. The penalties for violating the rules dictating by HIPAA are complicated because the guidelines are still very broad and the rules are still so new that with each case new standards are being set as to the way violations are being handled. Violation of HIPAA rules can result in civil and criminal consequences. There is case that marked history as the first health care organization to be fined for a HIPAA violation. Cignet Health in Maryland was fined $4.3 million for two violations: failure to provide patients a copy of their medical records within 60 days of a request and failure to cooperate with civil investigators. “HIPAA calls for civil and criminal penalties for privacy and security violations, including: -- fines up to $25K for multiple violations of the same standard in a calendar year -