2. Patient Confidentiality
• Confidentiality is the right of an individual patient to have personal, identifiable
medical information kept private; such information should be available only to the
physician of record and other health care and insurance personnel as necessary
What is a breach in confidentiality?
• A breach of confidentiality is a disclosure to a third party, without patient consent or
court order, of private information that the physician has learned within the patient-
physician relationship. Disclosure can be oral or written, by telephone or fax, or
electronically, for example, via e-mail or health information networks. The medium
is irrelevant, although special security requirements may apply to the electronic
transfer of information.
3. Confidentiality
Who can breach a patient’s confidentiality?
• Anyone can. A provider, nurse, secretary, records technician, anyone with access
to the medical records of the patient
• Evan talking about a patient’s conditions to someone away from the office is a
violation of that patient's rights and confidentiality, if they have not given expressed
consent to discuss their medical status
4. HIPAA
• HIPAA is the Health Insurance Portability and Accountability Act of 1996 (HIPAA)
• The HIPAA Privacy Rule provides protections for personal health information held
by covered entities and gives patients an array of rights with respect to that
information.
• The HIPAA Privacy Rule provides federal protections for personal health
information held by covered entities and gives patients an array of rights with
respect to that information. At the same time, the Privacy Rule is balanced so that it
permits the disclosure of personal health information needed for patient care and
other important purposes.
5. HIPAA Violations
• It is important to be aware of the different terms of the HIPAA because failure to
comply with any can lead to criminal and civil penalties.
• There are 4 main types of HIPAA violations:
– Willful neglect, which is at the same time not corrected
– Due to willful neglect, but is corrected appropriately within the period required
by law
– Not due to willful neglect, but due to reasonable cause
– Due to ignorance, in which the individual unknowingly violated any of the
terms of the HIPAA
6. HIPAA Violation Penalties
• Minimal penalties for the different types of HIPAA violations vary.
• For instance , if an individual willfully neglected a law and there is no appropriate
correction with in the stated period by the law, the minimum is $50,000 for every
violation made. For this kind of offense, the yearly maximum of $1.5 million is
implemented.
• If an individual willfully neglected the law but appropriately corrected within the
required period, the minimum penalty is $10,000 for every violation, with the annual
maximum for repeat violation set at $250,000
• If there is reasonable cause for a violation instead of willful neglect, the maximum
penalty for every violation is $1,000, with the annual maximum for repeat violations
set at $10,000
• Violations resulting from ignorance, the minimum penalty is only $100 for each
violation. The annual maximum for repeat violations is $25,000
7. • The only sure way to be safe is to not access records unless you need to
• Only access the information you need to look at
• Get permission from the patient before sharing information
• Follow the HIPAA guidelines and rules
• Protect the patient and protect yourself
8. References
• Health Information Privacy (2012). US Department of Health and Human Services. Retrieved 15
February 2012 from: http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html
• HIPAA Violations (nd). HIPAA Violations. Retrieved 15 Feb 2012 from:
http://www.hipaaviolations.org/
• Martin, JN., Loerch-Strumolo, A. (2012). Healthline, The Gale Group. Retrieved 15 Feb 2012
from: http://www.healthline.com/galecontent/patient-confidentiality
• Patient Confidentiality (2012). American Medical Association. Retrieved 15 Feb 2012 from:
http://www.ama-assn.org/ama/pub/physician-resources/legal-topics/patient-physician-
relationship-topics/patient-confidentiality.page