If there are rights then there are responsibilities. A patient under your care as a health care provider automatically becomes your responsibility. It will become your responsibility especially for the time the patient is in your facility or under your care to ensure that you protect that patient’s rights in accordance with the laws of the state and national laws.
The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule set standards which addresses the use and sharing of patient’s Protected Health Information (PHI) by health care providers that are subject to the Privacy Rule. These health care providers that are subject to the privacy rules are known as Covered Entity (CE) or Business Associates (BA). Business Associates (BAs) are people or organizations contracted by Covered Entities to provide any form of service on behalf of the CE and as such have access to Protected Health Information (PHI).
The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule also set standards which address individuals’ privacy rights that enable patients to understand and control how their health information is used and disclosed.
As a health care provider, every patient under your care is your responsibility under the Health Insurance Portability and Accountability Act’s (HIPAA) Privacy Rule. It is your responsibility to provide your patients with a Notice of Privacy Practices (NPP). You are also responsible for responding to your patient’s request to have access to their health information, make some changes on their information, accounting of disclosure, restrictions on how their information is used and who and when to share their health information and also have confidential communications when they want to. There are rights under the Medicare and Medicare Electronic Health Record (HER) Incentive programs that give patients rights to have their electronic Protected Health Information (ePHI) transmitted to them or a caregiver of their choosing.