Quote of the Day:
Everything that can be invented has been invented.
--Charles H. Duell
In this column I often write about promoting health information exchange.
In all cases, however, we must comply with HIPAA and place barriers for confidentiality and privacy to protect patients from unauthorized access to their health records without proper authorization.
Health Insurance Portability and Accountability Act of 1996 (HIPAA) is an expansive set of rules to privacy for patient information. The lesser known aspects of it may be largely unknown by physicians. I came across a survey of dentists which had some interesting information, although not all aspects apply to medical offices. It is available for a full read at:Dental Survey
Several lesser known requirements are:
Inventory and Control of all hardware and software
Security and disposal of all media
Log of maintenace of hardware/software
WRITTEN work station
Further details are in the article itself.
Such questions arise such as:
Should patients have the option to specify that their medical records not be shared on a common HIE?
Should there be an audit trail for 'shared information'?