Patients now have yet another piece of paperwork to fill out at the doctor's office, but this one should actually make them happy.
The Health Insurance Portability and Accountability Act, a 1996 federal law aimed at increasing privacy and confidentiality in health care settings and ensuring patients' awareness of their rights, went into effect Monday.
Britt Crewse, associate vice president and chief compliance and privacy officer of the Duke University Health System, explained the minor changes that will take place. For example, DUHS will no longer release the date and time of death of a patient or release any information on victims of crime.
"Patients will not see many changes," Crewse said. He added that many hospitals across the nation would find it tougher than DUHS to comply with the HIPAA regulations because Duke already had a higher standard than most hospitals.
"For Duke, it's just formalizing what we had already done," he said.
To ensure that patients are aware of their new rights under HIPAA, DUHS began handing out a pamphlet called "Notice of Privacy Practices" April 7 with a release that allows patients to acknowledge receipt of the notice or refuse to sign it, among other choices.
The notice clarifies how DUHS may use protected health information, including for reasons of treatment, payment, public health risks or law enforcement. Additionally, patients will now have access to their personal record, the record of disclosure of health information outside DUHS and the right to amend portions of their medical record.
Dr. Bill Christmas, director of the Student Health Service, emphasized the increased patient confidentiality. "We cannot share medical information without a patient's permission, preferably written," he said.
Christmas concluded the HIPAA regulations would ensure that patient information would be disseminated correctly.
Phyllis Martin, clinical interviewer and receptionist at the Student Health Service, said the process had been running smoothly over the past week, as most students agreed to sign the release acknowledging that they received a brochure about their rights.
"The ones who questioned it are the law students. If they refuse, I don't push it," she said.
Crewse said he believed that once patients understood what HIPAA meant for them, they likely would be more willing to sign the release.
He also emphasized additional security rights, with which hospitals will have to be HIPAA compliant by 2005, as being dealt with in conjunction with privacy rights. The issues of securing patient information, its transmission within the Health System and the data systems used to store patient records will all need concrete responses.
Nevertheless, current HIPAA compliance has already improved the situation for patients.
"The fact is that patients do have more privacy rights than in the past," Crewse said.
Get The Chronicle straight to your inbox
Signup for our weekly newsletter. Cancel at any time.