One of the biggest mistakes you can make as a health professional is to violate the rules of HIPAA, or the Health Insurance Portability & Accountability Act.
The law was first introduced in 1996 to ensure that employees had health insurance while switching jobs. It also aimed to eliminate fraud and illegal use of one’s private health information, and focused on privacy.
The Privacy Rule came into effect in 2003, and was solidified to protect personal health information including healthcare, treatment and payment.
Under the law, there are certain actions that are acceptable without a written authorization and many that aren’t. We’ve also compiled a list of things that must be present in order to perform an authorization to share information under HIPAA.