HIPAA Summary This document will review the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rules of 1996. The HIPAA Privacy Rules are complex and extensive and establish guidelines that must be followed by healthcare professionals and other covered entities such as insurance companies and consumers. HIPAA is very specific in its requirements regarding the release of information, but is not as specific when it comes to how training and policies are developed and delivered within the healthcare industry. This document will discuss how HIPAA affects a patient's access to their health records, how and under what circumstances personal health information may be released to other entities for non-health care related purposes, policy requirements privacy writings for covered entities, training requirements for medical office employees, and the consequences of failing to comply with the policy. Patient Rights The first area of ​​concern in HIPAA is the protection of patients' private health information. In protecting patients' rights, however, HIPAA policies require a certain level of diligence on the part of patients. Every patient has the right to view and obtain a copy of their medical records and other health information (U.S. Department of Health and Human Services, n.d.). There are certain conditions under which a covered entity may decide not to provide information to a patient, such as if it believes providing the information would endanger the patient or someone else. However, in general, documentation will be provided to the patient within 30 days of the request. This can be extended for a further 30 days if the patient is given a reason. Patie...... middle of paper...... Privacy of Health Information for Consumers. Retrieved April 22, 2009, from U.S. Department of Health and Human Services: http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.htmlU.S. Department of Health and Human Services. (n.d.). Understanding HIPAA. Retrieved April 22, 2009, from U.S. Department of Health and Human Services: http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/University of Miami Miller School of Medicine. (2005, May 11). Workforce Privacy Training (HIPAA). Retrieved April 22, 2009, from the Privacy/Data Protection Project: http://privacy.med.miami.edu/glossary/xd_workforce_training.htmWikiAnswers. (n.d.). What is required if an employee does not follow HIPAA policy? Retrieved April 23, 2009, from WikiAnswers.com: http://www.wikianswers.com/Q/What_is_required_if_an_employee_doesn't_follow_the_HIPAA_privacy_policy