HIPAA. Health Insurance Portability and Accountability Act of 1996.

Organizations must obtain a copy of the final privacy rule. For those organizations that have acted in advance and developed policies it will be necessary for them to assess and revise these policies as indicated. Develop and post a notice of the organizations privacy practices and patient's privacy rights. Develop and implement a mechanism in which patients would be asked to sign an acknowledgment of receipt of the privacy notice, which would become part of the patient's treatment record. Offices will be required to provide evidence that staff has been trained on the organization's privacy policies procedures, patient's privacy rights and the consequence of violating established policies and procedures. This training should become part of the employee initial orientation. Develop a log to be kept in each patient's record to document release of information. This includes any element of the patient's medical record released to a third party (sexual abuse, substance abuse, health issues, etc.). This document should be reviewed with legal counsel. Develop a log to be kept in each patient's record to document patient authorization to leave messages on personal answering devices By ensuring consistency throughout the industry, these national standards will make it easier for health plans, doctors, dentists and hospitals to process claims and other electronic transactions efficiently and effectively.