Health Insurance Portability and Accountability Act (HIPAA)

Internet Explorer Alert

It appears you are using Internet Explorer as your web browser. Please note, Internet Explorer is no longer up-to-date and can cause problems in how this website functions
This site functions best using the latest versions of any of the following browsers: Edge, Firefox, Chrome, Opera, or Safari.
You can find the latest versions of these browsers at https://browsehappy.com

Advertisement Disclaimer

Guidance for pediatric practices on managing protected health information.

Pediatricians and medical offices have been wrestling with the Health Insurance Portability and Accountability Act (HIPAA) for more than two decades.

The HIPAA regulations most relevant to physicians, health clinics, hospitals and other Covered Entities are the Privacy and Security Rules for protected health information (PHI). First implemented in 2000, and updated in 2013 via the Health Information Technology for Economic and Clinical Health (HITECH) Act, HIPAA has dramatically changed how PHI is kept private and secure. Practices that have not updated their HIPAA compliance materials and daily office operations since 2009 in order to comply with HITECH need to do so right away. New HIPAA regulations are anticipated to be released in 2021 or 2022. They may significantly change the regulations.

Pediatricians are well-advised to keep their HIPAA policies and procedures up-to-date and incorporated into daily practice operations.  

Disclaimer: This information is general in scope and educational in nature. It is not intended as legal advice. If you require legal advice, contact an attorney. 

The recommendations in this publication do not indicate an exclusive course of treatment or serve as a standard of medical care. Variations, taking into account individual circumstances, may be appropriate. This content is for informational purposes only. It is not intended to constitute financial or legal advice. A financial advisor or attorney should be consulted if financial or legal advice is desired.

Covered Entities

Understanding what it means to be a Covered Entity is essential to being HIPAA compliant and particularly important now that HIPAA is being more rigorously enforced.

HIPAA Enforcement

Details about HIPAA enforcement, the initiation of a new complaint & penalties/fines for violations.

Business Associates

Common examples of business associates who performs certain functions or activities that involve the use or disclosure of protected health information for a Covered Entity.

Parental Access to Medical Records

Review information about parental access to their child's medical records, including links to resources from the Department of Health & Human Services.

21st Century Cures Act Interoperability Final Rule Overview

Review what pediatricians need to know about the 21st Century Cures Act Interoperability Final Rule.

Medical Record Retention

An overview of the retention of pediatric medical records, including how long they should be retained, options for storage of paper medical records and information about custodial agreements.

Breaches of Protected Health Information

Information about breaches of protected health information, including administrative requirements for breach notifications.

Destruction of Protected Health Information

Guidance on the destruction of health information for all healthcare settings including medical offices.

Last Updated

08/05/2021

Source

American Academy of Pediatrics

Feedback Form