American Academy of Family Physicians
 

search
 
Advanced Search

About UsNews & PublicationsMembersCME CenterClinical & ResearchPractice MgmtPolicy & AdvocacyCareers
FP Report
April 2002 • Volume 8 • Number 4
illustration

Here's help on following patient privacy regulations

BY JANE STOEVER

When you're consulting with your staff about office management, it's likely that a certain acronym increasingly peppers those discussions: HIPAA.

It stands for the Health Insurance Portability and Accountability Act of 1996 -- and the "accountability" aspect for protecting patients' privacy has kicked in. HIPAA regulations on the confidentiality of patient information took effect April 14, 2001. You have until April 14, 2003, to bring your practice into compliance with them.

"The physicians in our practice met recently to do some planning with the company that manages our business operations, and we focused heavily on HIPAA," says Leonard Fromer, M.D., of Santa Monica, Calif., chair of the AAFP Commission on Health Care Services.

"As physicians, we all safeguard the privacy of the patient," says Fromer. "And as family physicians, we can multiply that ethic of privacy for any patient by the number of people in the patient's family." Besides, says Fromer, FPs -- who often make referrals -- are at the center of a universe of people who need information to help the patient.

HIPAA Privacy Manual

Each day, several family physicians call the Academy asking questions about the HIPAA privacy rules and saying, "I need help!"

Here it is: AAFP's new HIPAA Privacy Manual. Practice consultants and lawyers drafted this step-by-step guide, and practicing FPs reviewed it. "It gives us a track to follow," says Fromer. "The path to compliance will be rocky. There'll be noise; there'll be bumps in the road. But this manual is one way the Academy is helping us deal with the bumps."

The manual summarizes the regulations and offers checklists and sample documents for your practice. See the story below for some suggestions from the manual.

"Everyone has to comply with the regulations," says Fromer. "The government agencies will recognize, though, that there are different solutions for a practice with one doctor than for a large multispecialty group."

A practice with more than 20 physicians may need to hire a privacy officer to oversee compliance, says the manual. Smaller practices may give this responsibility to current staff.

You may purchase the manual online at http://www.aafp.org/hipaa/ or by calling (800) 944-0000. The online HIPAA Privacy Manual (item # R710) costs $50; the paper version (item # R709) costs $100; the CD-ROM (item # 745) costs $100.

GAPS GALORE

The proliferation of electronic communications about patients has heightened the need for privacy regulations. And paper records and orders are also often less than secure.

"In my office, we worry tremendously about people not being able to see patient information on computer screens," says Fromer. "But you could put on a janitor's outfit, walk in with a broom and go through the medical records room 400 times, and nobody would blink an eye."

So the HIPAA privacy regulations just might do some good. "We ultimately may be better able to provide comprehensive care in a setting that systematically protects patient information," says Fromer. "That's the challenge."

FP Report is published by the AAFP News Department.
Copyright © 2002 by American Academy of Family Physicians.

FP Report | Headlines | AAFP Home | Search