What is HIPAA and what does it do?
HIPAA is the Health Insurance Portability and Accountability Act, a 1996 federal law that restricts access to individuals' private medical information.Information protected by HIPAA includes anything oral or recorded in any form or medium. All information, whether in the past, present, or future, is safeguarded. Physical and psychological health conditions, provisions of care, and payment information are all protected. Examples of protected health information:
- Patient's name, address, birthdate, age, phone and fax numbers, and email addresses
- Medical records, diagnoses, lab work and test results, medical images, and prescriptions
- Billing records, claim data, referral authorizations, and explanations of benefits
- Electronic records, paper records, and oral communications
Healthcare providers are obligated to carefully manage and protect patients' personal information.
For example, if I am attempting to decipher an incorrect bill or health insurance claim for my adult daughter, I have been told that they cannot discuss the bill or claim with me. Rather than go round and round with them that my daughter has autism and I have HIPAA power of attorney for her, it's easier to pretend to be her. It's ludicrous when you think about it because we can all make phone calls, and with sufficient information, claim to be someone else. It's just more difficult when you are doing it for your spouse, because there's the voice issue - ha! I've yet to meet a couple where they each pay their own separate medical bills and handle their own insurance claims. HIPAA just adds to the burden of the finance person in the family.
However, when it comes to the medical providers, they seem to be careless about your information. How many times have I gone up to the reception window in a small doctor's office and had them ask me my name, address, phone number, employer, spouse's employer, etc.? I try to answer as quietly as possible, but I've had some where they are the ones reading off my information from a computer screen LOUDLY and asking if it's correct. Not cool. And then when you are there for a procedure that requires a driver, they are asking you for that person's name, relationship and cell number. Why not just tell the entire waiting room that it's okay for someone to go rob you because you won't be home for a few hours? They've all heard your address.
Last week took the cake for me. I went to a new specialist for an issue I've been struggling with since July. When I made the appointment, they insisted that they needed an email address and my cell number. I normally only give out my landline number, but they gave me some excuse that I can't remember. I should have known . . .
Since the appointment, they have sent me 3 text messages and 3 emails asking me to review my experience on Google Reviews or Facebook. REALLY? They want me to tell the entire universe about my medical problem? On websites that are not anonymous? How is that protecting me and my health information?
What has been your experience with HIPAA?
Have not had to deal with them, but I agree about giving medical information. We are constantly told not to give out information to scammers, yet the doctors office wants, name, dob, ss#, address pretty much everything we are told to not give out casually. I guess it is safe to give out to a nurse or doctors receptionist, how would people with access to drugs ever get involved with selling information?
ReplyDeleteAt least I no linger give them my ss#. I just say no and they tell me "It's ok I understand." Well if they don't need it, why ask for it?
Good point about the ss#. I just leave it blank and no one has ever said anything. I'm guessing they ask for it so they can track you down if you don't pay.
DeleteI've never had a problem like that but then my doctor comes to my apartment. They know I don't have a cell phone so they don't even ask. There was one time that the courier bringing Ken's medication came to the door and we always have to sign for it. But this time the courier says that Ken had to sign for it himself ad since he wasn't home they wouldn't give it to me. I said call the pharmacy and ask if I can sign so 10 minutes later he let me sign for it. I've only signed for it for years.
ReplyDeleteWhat the heck happened with your profile pic? It sounds as though the courier was willing to help get the signature thing worked out. Sometimes they are like, "too bad, not my problem" and just leave.
DeleteThe profile pic is a lot bigger than it should be but I don't know why.
DeleteThis all sounds appalling. Not much respect for confidentiality or privacy or personal safety. Confidentiality is a number one priority in the NHS. I've never known any of my personal details or medical history to be disclosed to anyone not entitled to know them.
ReplyDeleteWell, they claim it's a priority here, too. Their idea of privacy and mine are two different things.
DeleteWhen I was working in medical transcription, we had to take yearly classes to make sure we were HIPAA compliant (had to make sure no one could see our desktop with patients' names on them, had to make sure passwords were secured so people couldn't get into our computer, etc., etc., etc., including massive fines that could happen if one reported someone as not being HIPAA compliant. Thing is, like you said, most doctor offices and pharmacies especially don't respect it. Can't tell you how many times I'm in the local grocery store that has a pharmacy and they'll announce over the loud speaker the prescription is ready for so and so. Or like you mention the doctor's office trying to update information and shouting it all out in the waiting room. Even calling your name in the waiting room to bring back for your appointment should be a HIPAA violation .
ReplyDeletebetty
First of all, I'm glad your profile pic is normal sized! I have no idea why the previous 2 commenters had issues. And yes, I've noticed at CVS that they will say the first and last name over the speaker that their Rx is ready. Very invasive! And don't get me started on the 'sign in' sheets at the doctor! It just seems like these laws sound good, but there's no follow through when it comes down to everyday matters.
Delete
ReplyDelete" Why not just tell the entire waiting room that it's okay for someone to go rob you because you won't be home for a few hours? They've all heard your address."
Yes, exactly! OMG, I can't tell you how much that infuriates me. Which is why, that whenever I'm taking (over the phone) a customers/clients name, phone#, email, ect. or, if I'm asking for their credit card # because they are making an appointment or purchasing something via the phone, I don't say it out loud so that other customers/clients can hear it. I mean, it's only common sense.
I'm like you, whenever I give out my phone number, I only use my landline #, not my cell phone because they blast (sell) it all over the Internet. I can't tell you how many spam calls I get a day on my landline phone. Today when I got home from work, I had SEVEN.
I've never had any experience with HIPAA, so I can't say. However, judging from your experience, they sound horrendous.
Have a great week, my friend!
I ALWAYS appreciate it when my credit card number is not repeated. And let me add that banks piss me off, too, when you open an account and they want you to verbally give them your SSN. I've written it down and then had to ask for them to hand it back. Then they ask for your mother's maiden name, etc. while customers are standing right there. Zero common sense! Thanks for ranting with me!
DeleteYeah, there are some that sure aren't shy about shouting it out so all can hear. Ugg. And even the waiting rooms, the walls are so thin you can hear everything the Dr. is discussing with a patient while sitting in the next room waiting. I've pretended to be other people before and they gave me the info. Dumb how it is easier to do that than to say you have permission, power of attorney, etc.
ReplyDeleteMy kids and I could always hear the patients in the neighboring rooms at the pediatrician. Fortunately, the only embarrassing thing heard from our room was screaming and crying. LOL! Yup, easier to just pretend. Otherwise, they question whether it's on file, etc. Because we're in the 21st century and they can't easily pull something like that up?
DeleteGirl I have the same complaints as you - we can't get to what we honestly need to help others with (kids) and everyone else can!!!!!!!!!!!!!!!!!
ReplyDeleteI figured a lot of people could relate to this issue.
DeleteI hate it when they push you to review them (or when they send 10 text messages to remind you of your appointment). As a general rule, I have stopped giving out Social Security # to medical providers.
Deletewww.thepulpitandthepen.com
This has been the first time I've had the review request. I received another email from them yesterday. It's turned into harassment.
Delete"I've yet to meet a couple where they each pay their own separate medical bills and handle their own insurance claims. " Ooh, ooh, pick me! Pick me! Queenie has this thing, she doesn't really want me involved ..... unless there's a problem. And she don't wanna know if it's about me so she does her thing, I do mine. She does tell me the 'important' stuff and I do too, but important I apparently in the mind of the with-holder.
ReplyDeleteI mean, I was told about the diabetes within the 3 month notification threshold, so all's well right?
As far a HIPPA is concerned, New Yuck goes the extra mile .... we are supposed to have to fill out a consent form during EVERY Doc visit. Like, on paper and everything. Fortunately enforcement saw how stupid it was and doesn't enforce this one anymore though I imagine there's a lawyer or two warming up a class-action about it for future personal fortune ....
So, you both pay your own separate medical bills and handle your own insurance? I would think it would be difficult, just because we often have multiple user claims on a single sheet of paper. It would get way too complicated. I've always handled everything fortunately because my spouse would not have time to challenge any of it.
DeleteI feel as though I have to sign off on HIPAA at every appointment, too. Though that may be because every dr office seems to insist on updating records at every appointment.
We do have common insurance but we both have access to it and she insists on managing her claims personally. Our insurance separates thing by patient so we never have statements with intermingled info.
DeleteAnd yeah, our state (or maybe Obamacare regs?) require far too much as far as continuing sign-offs. It's nuts.
You made such good points in this post. I think providers become complacent and forget their duty to safeguard information appropriately. I also think the system lacks common sense in matters such as a parent assisting an adult son/daughter with disabilities navigate the system. It might be prudent in such cases to obtain legal guardianship, obviously depending on the particular circumstances, from the court. Guardianship of the person and guardianship of the estate are worth considering for those who have not done so already.
ReplyDeleteThe system really does lack common sense. Just because a child turns 18 doesn't magically make him or her capable of dealing with insurance issues and in some cases, they are away at school, etc. and not paying for their medical care. You are correct that guardianship is the best solution for some, but we didn't feel that was right for our situation.
DeleteI have a love/hate relationship with HIPAA. Mostly hate. Working for BlueCross BlueShield, I get that it's designed to protect patient confidentiality...but it really limited me sometimes in divulging information. And the most boring blogs I ever had to write for Fuel involved HIPAA language for private practices. Dreadfully boring and verbose...and on top of that, at least half the medical practices I dealt with spelled it HIPPA. Time and again. You'd think they, of all people, would know better!
ReplyDeleteOh boy, I can't imagine trying to write that sort of legal mumbo jumbo. Dreadfully boring . . . You took the words right out of my mouth. Sad and funny that they called it HIPPA!
DeleteI'm so sorry for your trouble, Bijoux. It's bizarre that you have to imitate your daughter, but it beats battling the bureaucracy.
ReplyDeleteI've yet to square off against HIPAA myself and I'd like to keep it that way for as long as possible.
Review your experience?!? How about "it sucked!"?
We live in a society where privacy is eroding--and yet it's so important to safeguard our personal information.
Yes, I was wondering how they'd feel about a negative review. I almost feel like reviewing just the after fact of their non-stop barrage of emails and texts!
DeleteOmg. Totally had this same experience with the front desk chick broadcasting my info as I'm standing there with people in line all around me, not to mention a FULL waiting room! I stopped her and flat out told her, "Next time could you just pass me a note because altho I'm sure all of these people are wonderful I really don't want my personal info broadcast for all of Boise to hear and I'm sure these people don't either." I can't wait to go in next week.. I'll bring her a piece of my mail with my phone number written on it!
ReplyDeleteI'm glad to hear I'm not the only one bothered by this!!!! Did she get pissy with you? I'm going to have to start doing that. It's so ridiculous!
DeleteI've also experienced the doctors office reading your information just for you to confirm. This also appears to be common practice for hospitals. It's very easy to get someone's medical information, which isn't right. I can imagine an employer doing this and using it against you.
ReplyDeleteI was at the doctor today and the receptionist didn't read my info . . . She just made me fill out the 3 page info sheet for the hundredth time🙄
DeleteWell, I have experiences on both sides of this. I'm VERY careful about confidential information. I use only first names in the waiting room (if I have to use a name at all), nothing with personal information gets left out, and I make sure no one is walking through when someone is leaving a voicemail. And if anyone other than the patient calls, I don't confirm or deny that I know the person. Unless they have a written release on file with me.
ReplyDeleteIt can be a frustrating thing, but there are cases where personal information gets misused or there is abuse involved. Also, I'm glad they ask me three times for my name and DOB before they do anything. I don't want them thinking I'm someone else and getting my labs or procedures confused. I'd love to not have to keep refilling forms out, but I'd rather do that then have someone announce my information loudly. That's a clear violation.
As for those reviews - the bonuses of the most poorly paid staff (low level nurses and techs) are based on those reviews. I'd have to have someone really piss me off - like outright rudeness - before I tanked them and cost them their bonus money.
I AM glad when they ask me my name and DOB once I'm taken back for the same reasons, although I don't understand the repeated paper work. I guess they can't trust people who say nothing has changed.
DeleteI refuse to do a review online for anything medical. That's just an invasion of privacy.
Oh, I didn't know you meant online reviews. I don't do those either. I meant the paper reviews they mail out.
Delete