Site Loader

Electronic Health Information Policies are the existing
state and federal policies that establish a baseline for privacy and security
protection for organizations engaging in the exchange of electronic health
information. The policies also serve as a basis for principles that forms the
foundation of making rules and also gives an organization a general sense of

One of the policies is the Notice of Privacy Practices. The
policy narrates that each participant shall develop and maintain a notice of
privacy practices that complies with the applicable law and electronic health
information exchange policies. That each participant shall have its own
policies and procedures governing distribution of notice to individuals, that
the policies and procedures shall be consistent with the available privacy

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

Individual Participation and Control of information Posted
to the HIE. The Policy dictates that Individuals will need to provide their
healthcare provider with authorization to share their protected health
information on the health information exchange at each encounter with each of
their healthcare providers. This authorization will apply for all providers
participating in the health information exchange (HIE) and all protected health
information (PHI) permitted by applicable laws and regulations. It narrates on
the Patient Authorization of Opt-in and Opt-out policies.

Compliance with law. The policy dictates that all
disclosures of health information through the health information exchange and
the use of information obtained from the HIE shall be consistent with all
applicable federal, state and local laws and regulations and shall not be used
for any unlawful discriminatory purpose. That if the applicable law requires
that certain documentation exists or that other conditions be met prior to
using or disclosing health information for a particular purpose, the requesting
participant shall ensure that it has obtained the required documentation or met
the requisite conditions and shall provide evidence of such at the request of
the disclosing participant.

Participant Choice. The policy requires that PHI collected,
used or disclosed related to individuals will be supported by the participants
internal policy on the care and access to PHI. These policies will include such
policies as; reasonable and appropriate processes to enable the exercise of an individual’s
choice not to participate in the HIE data exchange, the right to request and
receive in a timely and intelligible manner information regarding who has that
individuals PHI and what specific data the party has; to know any reason for
denial of such request; and the individual’s right to challenge or amend any
personal information.

The general use and disclosure policy. The policy stipulates
that all individual Protected Health Information in the Health information exchange
will be available for public health and quality reporting. The rule of privacy permits
covered entities to disclose protected health information, without
authorization, to public health authorities who are legally authorized to
receive such reports for the purpose of preventing or controlling disease,
injury or disability.

Amendment of data. This policy states that each participant
shall comply with applicable federal, state and local laws and regulations
regarding individual rights to request amendment of PHI. A participant will
therefore require to permit an individual to request that the participant make
an amendment to his or her health information maintained by the entity. That the
entity may require individuals to make requests of amendments in writing and to
provide a reason to support a requested amendment, provided that it informs
individuals in advance of such requirements.

The mitigation policy. The policy stipulates that each
individual shall implement a process to mitigate and shall mitigate and take appropriate
remedial action to the extent practicable, any harmful effect that is known
about the use or disclosure of health information. That an entity shall have
the capability to identify substantiated fraudulent activity within their
records and be able to view and provide records internally and extremely as
though the fraudulent activity had not occurred. 

Post Author: admin


I'm Erica!

Would you like to get a custom essay? How about receiving a customized one?

Check it out