Road to HIPAA Compliance: Privacy Rule – Privacy Notices and Consumer Complaints
What is the Privacy Rule?
If you’ve been following along with our Road to HIPAA Compliance webinar series, congratulations – we’ve made it to the middle of the road! We are halfway to knowing all about HIPAA compliance. In this session, we’re covering the Privacy Rule, Notice of Privacy Practices, and handling consumer complaints.
The Notice of Privacy Practices is the method used for communicating patient rights to patients. This document establishes the basis for a patient’s understanding of what will happen with their PHI. If we are to effectively communicate those rights, we need to understand that this notice is not an opportunity to get creative or have a lot of leeway. It is required to use plain language, boilerplate headings, and to include the required content and recommended formatting. In this webinar, we discuss the best practices for four areas of required content for Notice of Privacy Practices:
- Uses and Disclosures: describe the uses and disclosures of PHI for treatment, payment, and operational purposes, plus give an example for each purpose.
- Individual Rights: list their rights with respect to PHI, including their right to authorize uses and disclosures.
- Choices: inform patients about the choices they have about disclosing their PHI; for example: which family members do you give the right to disclose PHI to?
- Responsibilities: define the responsibilities of the entity with respect to the PHI; requirement by law to maintain privacy and security of patients’ PHI.
We also want to help you navigate how to acknowledge consumer complaints. Your organization needs to be fair, thorough, and consistent. You should give notice of how to submit a complaint and have channels for receiving, accepting, responding to, and documenting consumer complaints. There are also some things you absolutely cannot do. For example, you cannot discourage complaining in any way or retaliate against a patient for filing a complaint.
Listen to the full webinar to hear more about design, timeliness, limitations, and more for Notice of Privacy Practices. For help drafting your organization’s Notice of Privacy Practices, contact us today to speak to an expert.