HIPAA regulations take effect today at Tyrone Hospital

Tyrone Hospital is preparing to comply with new federal regulations that further clarify how patients’ health care information may be used and must be protected.
Patients at Tyrone Hospital will see several changes as a result of these new regulations under the Health Insurance Portability and Accountability Act. This is a law that governs the use and release of a patient’s personal health information, also known as “protected health information.” The HIPAA privacy regulations establish a minimum acceptable threshold for the use and release of a patient’s health information.
First and beginning today, all patients at Tyrone Hospital will receive a copy of Tyrone Hospital’s Notice of Privacy Practices. This notice explains how patient health information is used and protected, how patients can receive a copy of their medical records and a list of how their information has been used, and how patients can request restrictions on that use. This notice also identified Tyrone Hospital’s Privacy Officer.
The Privacy Officer is the person who has been designated to answer any questions and respond to any complaints about privacy issues. Patients will be asked to acknowledge that they have received the Notice of Privacy Practices.
Under the new regulations, patients may ask not to be included in the hospital directory. Information in the hospital directory is used to direct visitors, clergy, and deliveries (of flowers, balloons, and cards, for instance) to patient rooms. Information in the hospital directory also is used to provide callers who ask for a patient by name with the general condition of the patient. The patient’s name, location in the hospital, religious affiliation, and general condition will be included in the hospital directory, unless the patient asks that this information not be included. Religious affiliation will be disclosed only to members of the clergy.
According to George Semko, chief financial officer at TAH, under the HIPAA regulations, patients must be informed about how their PHI will be used and given the opportunity to object to or restrict the use or release of their information.
“Hospitals may use and disclose PHI without the patient’s consent for purposes of treatment, payment and health care operations,” said Semko. “In addition, the HIPAA privacy regulations have specific provisions for the release of limited information about the patient without the patient’s authorization when someone specifically asks about the patient by name.”
What allowed the hospital to reach compliance with the federal standards was the hiring of Parente Randolph, a large Pennsylvania accounting firm to provide a GAP analysis for where Tyrone Hospital was compared to where it needed to be.
Semko said the analysis was done on a department-by-department basis and it has amended its processs as necessary.
He also said the hospital engaged the services of the Raytheon Corporation to perform another GAP analysis based upon the security and privacy regulations.
The hospital has also purchased new computer servers and software to provide a greater level of security for the storage and access to patient indentifiable data.
“Tyrone Hospital is committed to protecting the privacy of our patients,” said Thomas Bartlett, chief executive officer at Tyrone Hospital. “As much as possible, we will limit both the amount of patient information that is shared and the number of people with whom it is shared as we care for patients, communicate with health plans and others for billing purposes, participate in internal and external quality assurance activities, and operate our facilities.”