Hipaa Quotes

HIPAA is probably the most ironic acronym in healthcare. It stands for the Health Insurance Portability and Accountability Act. Although HIPAA has succeeded largely in making health information more “accountable,” it is usually the first excuse for not making it portable.

When did you talk to my doctor?” I hadn’t talked to my doctor. Clearly my doctor had never heard of HIPAA.

Did you ever see any celebrities over there?” she asked. “Oh, yeah.” I couldn’t tell her who because of HIPAA and she wouldn’t ask for the same reason, but I could give her broad strokes. “Lots of performers,” I said. “Mostly drunk. Contusions, lacerations. Once I had a big musician come through. He had a bruised hand, but I wrote it up as a fracture.” “You did? Why?” I shrugged. “Something told me he needed to take some time off.

HIPAA.

many people criticize Meaningful Use and HIPAA for being too much and too rigid, others criticize the ONC for being too lax in certain areas. The

One is Augmedix, an app that helps doctors do their charting more efficiently. The doctor wears Google Glass during the office visit and has a normal conversation with the patient—without a computer between them. Augmedix sends the audio-video feed from Google Glass to a remote, HIPAA secure location, where a trained scribe uses it to enter patient notes in the patient’s electronic health record.

raising funding also has the potential to save you years. As Craig Hewett, the founder of Castos, told me, funding allows you to “live in the future” by making investments you otherwise would have had to wait for. When Craig Hewett raised money for Castos, he spent it on hiring senior sales and development team members rather than the juniors many startups are forced to hire because of a lack of cash. This allowed Castos to make progress fast. Ruben Gamez, the founder of SignWell, used funding to invest in compliance (SOC2 Type 2 and HIPAA). They would have done so eventually, but they wouldn’t have been able to afford it until later. This investment allowed them to start closing major deals sooner and grow faster. Strategic hiring can be another way to spend funds. Jordan Gal, the founder of Rally, hired a chief of staff almost from day one. He told me, “Money allows you to hire in such a way that you, as the founder, can focus on whatever your superpower is, with far fewer distractions than when bootstrapped.” Derrick Reimer of SavvyCal burst into a crowded scheduling space by investing funds into SEO and marketing earlier than he would have been able to if he was purely bootstrapped. This potentially shaved a year or more off his marketing efforts. Those are just a few of the ways funding can help when applied strategically.

discussing a client’s HIV status with the family may be a violation of HIPAA if it isn’t relative to the family’s involvement and/or if the client did not want that information shared.

Estate-Planning Checklist (for each of you) • Up-to-date will • Healthcare proxy • Power of attorney • Living will • HIPAA form •  List of what you are bequeathing • Legacy requests •  Where your important documents are kept • What assets you have • Where your accounts are located • Account numbers, PINs, and passwords •  Names of trusted people who know where your car keys, house keys, and safe deposit box keys are kept • Important names and contact information: ○ Attorney/financial adviser/CPA ○ Insurance broker ○ Healthcare providers ○ Estate attorney ○ Bank name and branch office location ○ Safe deposit box location and number

Wellness programs offer important benefits, but these data policies underscore the less visible and more dangerous privacy risks they pose.82 Most are exempt from traditional health data privacy regulations. The Health Insurance Portability and Accountability Act of 1996 (known as HIPAA), for example, protects individuals’ identifiable health information in the United States. But it doesn’t apply when employers offer workplace wellness programs directly rather than in connection with their group health plans. Without laws preventing them from using the data collected through wellness programs, employers can mine the data they collect, which many do with abandon.83 Employers learn everything that employees share in the questionnaires and online surveys they complete as part of these programs, from what prescription drugs they use to whether they voted and when they stopped filling their birth control prescriptions.84 And employers are using that data in increasingly more intrusive ways.

Not without a warrant. I’d love to help you, but we have HIPAA laws to abide by.” “Of course.” Susan got up out of her chair and shook the doctor’s hand. “Thank you for your time. I appreciate you seeing me.” “I wish I could help more. If I think of anything, I’ll call you. And, of course, if I hear from either James or Rebecca.” “Thank you.” Dr. Trammel walked Susan past the exercise machines and the patients grunting their way toward rehabilitation. He stopped when they reached the door. “We heard James’s house was bad,” he said. “Is that true?” “Can’t talk about it,” Susan replied, opening the door. “You got HIPAA, and I got an open investigation. Sorry.

During an interview with Diversity Inc.’s director of research and product development, she walked me through a typical presentation used to pitch the value of the company’s software to prospective clients. I learned that their products are especially valuable to those industries not allowed to collect ethno-racial data directly from individuals because of civil rights legislation that attempts to curb how these data are used to discriminate. But now those who work in finance, housing, and healthcare can use predictive software programs to ascertain information that they cannot request directly. The US Health Insurance Portability and Accountability Act (HIPAA) privacy rule, for example, strictly monitors the collection, storage, and communication of individuals’ “protected health information,” among other features of the law. This means that pharmaceutical companies, which market to different groups, need indirect methods to create customer profiles, because they cannot collect racial-ethnic data directly. This is where Diversity Inc. comes in. Its software programs target customers not only on the basis of race and ethnicity, but also on the basis of socioeconomic status, gender, and a growing list of other attributes. However, the company does not refer to “race” anywhere in their product descriptions. Everything is based on individuals’ names, we are told. “A person’s name is data,” according to the director of research and product development. She explains that her clients typically supply Diversity Inc. with a database of client names and her team builds knowledge around it. The process, she says, has a 96 percent accuracy rate, because so many last names are not shared across racial–ethnic groups – a phenomenon sociologists call “cultural segregation.”18

HITRUST is an organization located near Dallas, TX, that developed the Common Security Framework, now known only as the CSF, and is available on a subscription basis.