You will likely see little difference in the way your medical care providers or health plans do business. However, you will receive from your health care providers a privacy notice describing your privacy rights and who to contact if you have questions or complaints regarding your privacy rights.
If you are receiving Mental Health, Alcohol and Drug Abuse, HIV or Sexually Transmitted Disease treatment, stricter Federal and State laws protect your privacy. HIPAA recognizes that there are situations where stricter protection of privacy may be required and allows for stricter State or Federal laws to control your privacy rights.
When does the HIPAA law go into affect?
HIPAA was signed into law in 1996. Some parts of the law were put into action years ago, and your health care providers were required to comply with the privacy provisions of HIPAA by April 14, 2003. This allowed health care providers time to put into place newly required procedures and to develop forms and processes to comply with HIPAA.
Generally, what does the HIPAA Privacy Rule require my health care provider and health plan to do?
Most health care providers and health plans already take many of the steps required by the Privacy Rule, including training employees to understand privacy procedures and securing patient records so that they are not available to those who do not need them. HIPAA requires your health care providers to provide a privacy notice to you informing you of your patientâ€™s privacy rights and to designate an individual to be available to answer your privacy related questions.
Does HIPAA allow health care providers to use sign-in sheets or call out my name in waiting rooms?
Yes, medical offices may use patient sign-in sheets or call out patient names in waiting rooms; however, the sign-in sheet should not include the reason for your visit, since this is private medical information that does not need to be shared with other patients.
May health care providers place my medical charts on exam room doors?
Yes, the Privacy Rule permits this practice as long as the clinic takes reasonable measures to protect the patientâ€™s privacy. Examples of measures that could be reasonable would be escorting patients through the area, or placing the patient chart in the box with the front cover facing the wall.
Does the HIPAA Privacy Rule allow parents the right to see their children's medical records?
Yes, the Privacy Rule generally allows a parent to have access to the medical records about his or her minor child, as long as it is not inconsistent with State or other law. California has laws allowing minors to receive certain medical treatment without a parentâ€™s consent, and in these cases, a parent would not have the right to access to those records. Please check with your provider to learn more about when a parent may or may not access a minorâ€™s medical records.
Can a physician's office FAX my medical information to another physician's Office?
The HIPAA Privacy Rule allows doctors to share your medical information for treatment purposes. This can be done by fax, phone or other means. Your health care provider is required to put in place reasonable and appropriate safeguards to protect your medical information. An example would include your doctor's staff confirming that the fax number to be used is the correct one for your other physician's office before sending the fax.
HIPAA gives you the right to request an amendment to your medical records.
You can request an amendment to your medical records through the Custodian of Records Office, (714) 834-3536, or by filling out our Request to Amend Protected Health Information (PHI) form and mailing it to the Custodian of Records at 511 N. Sycamore, Santa Ana, CA 92701, or faxing it to (714) 835-9312.
The County does not have to make the amendment. Examples of situations when an amendment may not be made are if the information in your records is correct or if the County did not create the information that you are requesting be amended.