ok this what I have now please let me know what you think thanks so much Congress implemented the Health Insurance Portability and Accountability Act (HIPAA), which enables individuals to have more control over their own health information. This helped to establish clear lines on the giving out of and using of specific health records of individuals (CDCP, 2003).
Individuals in relation to this Act have the right to access their records from authorized keepers and users of an individuals' health information called covered entities. They can have an accounting of the disclosures of their protected health information by these covered entities, their business associates. Individuals have the right to receive written notice from the covered entities their privacy practices, an opportunity to request amendments of the records and an option to limit the use or disclosure of their information. However, the covered entity is not obliged to agree to restrictive requests. But if it does, their compliance is what the client restricts them to do except in cases of emergency (OCR, 2003). They also have the chance to request alternative methods of communicating information (TWC, 2004). They can deviate from the usual method of access if they think that there would be risks involved, without being required to prove it (OCR, 2003).
Consent is one thing that is very essential in this Act; it is actually the thing that prevents mal-users from abusing a person's information. But even with this, there are instances when specific people can access it without consent from the person. First are the law enforcers. They can have the information from the covered entities without waiting for consent if they have their purposes as required by the law. Funeral directors and medical examiners, as authorized by the law can have it for autopsy and other related functions. "The information may also be used to facilitate the donation and transplant of organs, eyes, and tissue" (OCR, 2003). If the information is needed for a valid research program and for prevention of serious and impending threat to a person or the general public, then that could be accessed without consent as well. Nor is consent necessary when it is for certain essential government functions like pursuing effective military missions, carrying out of intelligence and activities deemed important for national security like protecting the president and the citizens, and the establishment of the eligibility to be part of certain government benefit programs and other related activities. The various workers' compensation laws and other similar provisions may also be a factor to persuade the covered entities to discharge the information even without authorization of the party involved (OCR, 2003).
Covered entities carry out their responsibility of safe keeper in a series of ways. "They must implement written protected health information (PHI) privacy procedures, appoint a privacy office, explain to business associates the obligation to sign agreements while respecting the confidentiality of PHI and how it should be kept that way" (TWC, 2004). Their entire workforce is trained to follow their privacy guidelines. All people under the direct control of the covered entities so called workforce, regardless of whether they are receiving compensation not ,therefore, in order to keep the Act well in place and ensure privacy of certain information, they are all to be trained on every detail of the covered entities' privacy policies and procedures. They are all to pursue their tasks in accordance with guidelines. Violations to these policies and procedures by the said workforce have respective sanctions and punishments as determined by the covered entities (TWC, 2004).
HIPAA is set up to keep the private health information in good hands. That is manifested in all the formal structure and regulations set up to govern this information (CDCP, 2003).
References
Centers for Disease Control and Prevention (2003). HIPAA Privacy Rule and Public Health. Morbidity and Mortality Weekly Report Vo. 52 pp. 1-12
HPPA Privacy Rule: What Employers Need to Know. Retrieved May 12, 2007 from (web -site here) Office for Civil Rights (2003). Summary of the HIPAA Privacy Rule. US Department of Health and Human Services pp. 1-19