- HIPAA’s Privacy Rule gives patients reasonably strong rights over their health information. Privacy among these is the right of examining and obtaining a copy of their health records. Patients can also ask for corrections to be made.
- The Privacy Rule standards give to individual the privacy rights for comprehending and controlling the way in which their health information is used. Within the Department of Health and Human Services (HHS), the office for Civil Rights (OCR) is responsible for the implementation and enforcement of the Privacy Rule with regards to civil money penalties and voluntary compliance activities.
- Another important aspect of the A to Z’s of the Privacy Rule is that Covered Entities are required to notify individuals whenever their PHI is used. CE’s are also required to keep track of disclosures they have made PHI or any document privacy policies and procedures.
- In order to ensure this, CE’s are required to appoint a Privacy Official as well as a contract person, who has responsibility to receive complaints, apart from training all members of their workforce in comprehending and implementing PHI’s procedures.
- When an individual has reason to believe tat the Privacy Rule is not being upheld: such an individual has the right to file a compliant with the OCR.