HIPAA and You: Standing Up for Your Medical Privacy in Texas
There are laws in place at both the state and federal levels intended to keep patient health information private. Federal Health Insurance Portability and Accountability Act (HIPAA) laws protect your health information and medical records. These laws apply to all health care providers, health care plans, and other health care entities that handle sensitive medical documents. The federal Department of Health and Human Services is responsible for adopting and implementing rules of this act. The HIPAA rules are as follows:
The Privacy Rule allows you to have rights to your health information. It also dictates who can look at and receive your health information, whether oral, electronic, or written.
The Security Rule protects electronic versions of these documents. It requires HIPAA-compliant entities (like medical facilities) to safeguard these documents against security breaches.
The Breach Notification Rule ensures any breach of protected documents must be reported to you, and requires notification be provided to the Department of Health and Human Services.
An additional rule states that if a particular state law grants more protection for you, the state law will automatically apply and override the federal law. For example, a Texas law passed in 2012 mandated more stringent privacy protection practices and harsher penalties for violations.
The state requires health care workers to undergo customized training for handling electronic health care records within 60 days of hire. Employees must receive training once every two years. Additionally, fines increased to a range between $5,000 and $1.5 million if your records are unlawfully disclosed. The Texas law covers medical entities and also any individual or business that handles protected health documents in any way.
LITIGATION AFTER A HIPAA VIOLATION IN HOUSTON, TX
Medical entities are protected from litigation in the event of a HIPAA violation. However, the individual considered responsible for the violation may be held liable in certain situations. If the violation resulted in real and justifiable damages, you may be able to receive compensation.
For example, a Houston, Texas, woman receives a job offer. The background check reveals her doctor’s information. The investigator contacts the doctor and acquires the woman’s medical information, revealing her HIV treatment. Suddenly, the job offer is withdrawn.
In this case, the woman could sue her doctor for illegally releasing her information without consent. Additionally, the woman would have the right to file a complaint with the federal Office of Civil Rights, the Texas Attorney General, and other state agencies. If he or she is found negligent, the doctor could be fined or subjected to criminal prosecution.
YOUR RIGHTS TO MEDICAL RECORDS
Under HIPAA laws, you have multiple rights to your own medical records. You have a right to ask for a copy of your medical records at any time. In Texas, medical entities must provide your records in electronic form within 15 days of the request. There are very few instances where a doctor cannot release information to you. For example, if the information would endanger you, the doctor cannot release the information.
You also have the right to request information on your records be amended if you believe something is incorrect. Lastly, all health care providers are required to notify you of their privacy practices. For example, they must disclose how the health records are used, shared, and authorized, and what notification policies exist if a breach should occur. A violation of any of these rights may warrant a complaint with state and federal bodies, and it may warrant a civil suit if damages were incurred.