Corporate Compliance

Tip: Build trust with the Notice of Privacy Practices

Compliance Monitor, September 23, 2009

Noncompliance with HIPAA regulations can result in several steep penalties. Misuse of patient information may result in a prison term and fines. Not only will reputations be compromised, but physician licenses are also at risk. Organizations and covered entities must provide a written Notice of Privacy Practices to patients. This will serve as a reminder about the rules of compliance and build trust with the patient. The Notice should outline your facility’s privacy practices and patient rights. The notice must: 
  • Inform patients of their rights and how they can exercise them
  • Disclose the organization’s privacy practices
  • Detail the organization’s responsibilities under the law
  • Inform patients of the uses and disclosures of protected health information (PHI) required or allowed by law
  • Explain how patients can access their medical records and modify their information 
This week’s tip was adapted from The Compliance Officer’s Handbook 2nd Edition. For more information about the book or to order your copy, click here.

Most Popular