|
|
|
|
|
|
by culi
50 days ago
|
|
|
Great video, thanks for sharing. TL;DW: HIPAA was actually created to allow insurance companies to share patient data without having to get patient consent. Before HIPAA, data was more fractured and less commonly shared. The only privacy protections it offers is, e.g., your doctor not giving your data to your boss. But about 1.5 million private entities can legally access your data (everything from health startups to insurance companies to hospitals) |
|
|
Somewhat. They are allowed to access it "for treatment purposes", not just to nose around out of curiosity.
I found myself explaining this to a number of my patients (I used to be a paramedic) who were irate about disclosures they'd made to their therapist, doctor, etc., that they had said they didn't want revealed to other providers (but were actually germane to their care).
"Does the HIPAA Privacy Rule permit doctors, nurses, and other health care providers to share patient health information for treatment purposes without the patient’s authorization? Answer: Yes. The Privacy Rule allows those doctors, nurses, hospitals, laboratory technicians, and other health care providers that are covered entities to use or disclose protected health information, such as X-rays, laboratory and pathology reports, diagnoses, and other medical information for treatment purposes without the patient’s authorization."
https://www.hhs.gov/hipaa/for-professionals/faq/481/does-hip...