Medical professionals and counselors have professional standards to follow for their respective fields, but they are also bound by applicable federal and state laws.
HIPAA stands for the Health Insurance Portability and Accountability Act. This federal law requires the protection of sensitive patient health information.
Guidelines under HIPAA
Also known as the patient privacy rule, covered entities must safeguard sensitive patient information from unauthorized access or disclosure without the consent of the patient. Although a flow of information between doctors, facilities and healthcare personnel promotes patient well-being, it cannot comprise the patient’s right to privacy. Those considered covered entities include:
- Healthcare providers
- Health plans
- Business associates
- Healthcare clearinghouses
There are exceptions to this right to privacy, such as when the law requires mandatory reporting of abuse, public health activities, law enforcement requires the information, prevention of a serious threat to safety or health and administrative or judicial proceedings.
Consequences of non-compliance
Covered entities bear serious responsibility for protecting patient privacy. Disclosing information without authorization damages the patient relationship and divulges personal information. It can come with serious legal consequences. There are several possible outcomes for violating HIPAA. Your employer could deal with the violation internally, which could include termination. This could impact future work opportunities, as could the possibility of facing sanctions from a professional licensing board. There is also the possibility of facing criminal charges which could lead to fines or imprisonment.
The severity of the violation influences the consequences of violating HIPAA rules. There are potential civil and criminal actions that will affect your employment and your career.