Each of us sign a bunch of forms when we see a medical professional or go to the hospital. One of those is the HIPAA form. Most people don’t read these forms or know why they are there. HIPAA is very important for you. The acronym is for the Health Insurance Portability and Accountability Act of 1996. The provisions include privacy, which means your health data can only be shared if you give specific permission, or it is necessary for you health care.
This means that you can be assured if you test positive for AIDS, HIV, an STD for instance, that no one at your work or home can know about it unless you give permission. Violations can be punished with up to ten years in prison and a $250,000 fine per occurrence. If you work for an employer, it is very important that whoever pays or deals with your healthcare choices and payments does not disclose this information.
For instance, if your employer is self-insured, someone at your business or office will know if you had a high cost claim, perhaps cancer treatment or heart attack. Not only is that personal information, but it is illegal for that individual to leave your information lying about, take it home, talk about it, or leave it on their computer screen for others to see. Often these people are untrained or housed in the same location as Human Resources. If an HR person knows you are a high cost medical claimant or unreliable due to health, this is a serious violation of HIPAA. If you are terminated or refused a promotion based on this information it is illegal.
Someone may be sympathetic and share with a co-worker, “Poor Susan, her child has Downs Syndrome, maybe we should send her a card?” This again is a serious violation. Supervisors, HR staff and medical payments and benefits staff often do not know or understand your rights under HIPAA. Spouses are often frustrated that they cannot find out medical information without a signed piece of paper from the patient. In fact, your employer cannot even disclose if you have coverage or not without permission, unless it is to your medical provider or biller. You can imagine for instance if a spouse found out the other had an abortion, an STD, or sexual condition when they have not been having sex. This could result in domestic violence or even death. You need to know your people are properly trained to protect you.
The Valley Schools Employee Benefits Trust (VSEBT) has developed a model program to identify and train all individuals that touch the data on HIPAA rules. In addition, their account managers do periodic walk throughs with member governments and school districts to identify areas for improvement in health security. Some employers who are untrained, actually store your medical data in your employee file, which is illegal. The VSEBT, administered by Andrea Billings under the VSMG umbrella run by Tom Boone ensures this does not happen to their members.