Health Insurance Portability and Accountability Act
The Health Insurance Portability and Accountability Act, or HIPAA, requires healthcare professionals to protect privacy and create standards for electronic transfers of health data. The Office of Civil Rights at the Department of Health and Human Services will enforce the regulations and impose penalties on institutions that do not make a good-faith effort on privacy and security.
HIPAA came about because of the public's concern about how healthcare information was being used. HIPAA gives patients more control over their own health information. The University of Kansas Health System is taking steps to provide you with these patient rights, which include the right to:
- Inspect and obtain a copy of your health information
- Request that The University of Kansas Health System amend health information in your records
- Receive an account of certain disclosures we have made of your health information
- Request that we restrict the use and disclosure of your health information
- Request how and where we may contact you about medical matters
- Receive a written notice of how we may use your health information
HIPAA requires healthcare providers like The University of Kansas Hospital to follow certain rules to protect the privacy of patients' health information. For instance, The University of Kansas Health System employees are not allowed to access information on patients unless they need the information to perform their jobs. Employees have received training on how to protect patient information, whether that information is spoken, on paper or kept in a computer.
The University of Kansas Health System is participating in this effort along with the majority of other healthcare providers in the United States. Compliance with the HIPAA privacy rule is important to continuing our tradition of patient confidentiality.
At The University of Kansas Health System, you have a right to privacy.
Questions or concerns about HIPAA? Contact Patient Relations.
Focus areas of HIPAA
- Electronic Data Interchange (EDI)
- Security and Electronic Signature
- Patient Record Privacy
- Standard Identifiers