Consumers are familiar with HIPAA and aware that it protects access to personal health information at a national level. Consumers may be surprised to discover that only “covered entities” (healthcare providers, health plans and health clearinghouses) are required to comply with these regulations. Many entities that access and use the same information are not bound by the same regulations. Each state has its own regulations regarding health information. These regulations vary and there is no uniform national standard.
As the country moves closer and closer to full digitalization of all health information, security becomes a greater concern and patients deserve to know who has access to their information and how their information is protected.
In light of this, the American Health Information Management Association (AHIMA) designed a Health Information (HI) Bill of Rights as a model for protecting personal health information. The Bill contains seven rights “for the sole purpose of protecting healthcare consumers”:
- The right to access your health information free of charge
- The right to access your health information during the course of treatment
- The right to expect that your health information is accurate and as complete as possible
- The right for you or your personal representative(s) to know who provides, accesses, and updates your health information, except as precluded by law or regulation
- The right to expect health care professionals and others with lawful access to your health information to be held accountable for violations of all privacy and security laws, policies, and procedures, including the sharing of user IDs and passwords
- The right to expect equivalent health information privacy and security protections to be available to all healthcare consumers regardless of state or geographic boundaries or the location (jurisdiction) of where the treatment occurs
- The right to the opportunity for private legal recourse in the event of a breach of one’s health information that causes harm
Vera Rulon, AHIMA president, said the bill was made necessary by “Repeated abuses of access, accuracy, privacy and security of the most basic rights of individuals whose trust has been betrayed and dignity compromised.” The seven point bill eases patient’s fears about security by increasing transparency and encouraging providers to give the strictest protections to personal health information.
Posters featuring the HI Bill are already making their way into health facilities and physicians offices. Wallet sized cards with the Health Information Bill of Rights Preamble on one side and the seven rights on the other are being developed. The card will give consumers easy access to their HI rights whenever or wherever they are.
Unfortunately at this time the HI Bill of Rights is only a model. It has not been signed into law and until it is or something comparable is, there will continue to be fears and concerns about the safety of personal health information. However, the HI Bill of Rights is a step toward making consumers more informed about their health information and confident in how that information is managed; it is a step in the right direction.
Questions: What do you think about the HIM Bill of Rights? Do you think there are any key points missing?
About the Author: Erika Christenson is a Staff Writer with the Clear Medical Solutions Communication Team. Her work is regularly shared on the Clear Medical Agency newsletter and the ClearNursingMatters.com blog.
AHIMA Health Information Bill of Rights http://library.ahima.org/xpedio/groups/public/documents/ahima/bok1_045343.pdf
AHIMA Rights Bill Sets Ideal Standard for Protecting Consumer Health Information http://www.ahima.org/press/HIBOR.asp