It is very important to stay tuned to all the healthcare IT news, So if you are not aware of what doesn’t count as a breach under the new HIPAA rules, yo…
These days it’s very important that one stays tuned to all the healthcare IT news doing the rounds. So if you are not aware of what doesn’t count as a breach under the new HIPAA rules, you should try to educate yourself on it because when you do so, you will have a good understanding of whether to report a disclosure of unsecured protected health information.
The rules cover the following four exceptions:
- One exception is if it’s an unintended acquisition, access or use of protected health information by a person with authority to handle protected health information who is acting in good faith. It’s also excluded if there’s no further acquisition access or use of the protected health information. For instance, if a nurse handed a doctor the wrong patient folder but retrieved it immediately, or for that matter the doctor returning the folder unused.
- Secondly, in case of an inadvertent beach where for instance a nurse gives another nurse information that the second nurse shouldn’t have, but there is no reasonable risk of further use or misuse of the protected health information. Here each party has authority to access protected health information at the same location, but not necessarily the PHI at issue.
- Thirdly, when a disclosure that occurs when the covered entity has a good faith that an unauthorized person would not retain the information because in a follow-up call, the recipient agreed to destroy the fax.
- Lastly, in case of disclosure, access or use of PHI involving a limited data set that excludes both birth dates and zip code information.