HIPAA is shorthand for the Health Insurance Portability and Accountability Act which contains privacy regulations affecting researchers collecting data from a covered entity, such as Baystate Medical Center. (UMass is a hybrid entity). These regulations provide significant new privacy protections for the health information of patients and research subjects including the following:
- Gives patients more control over their health information.
- Sets boundaries on the use and release of health records.
- Establishes appropriate safeguards that health care providers and others must achieve to protect the privacy of health information.
- Holds violators accountable, with civil and criminal penalties that can be imposed if they violate patients' privacy rights.
- Strikes a balance when public responsibility requires disclosure of some forms of data - for example, to protect public health. For patients - it means being able to make informed choices when seeking care and reimbursement for care based on how personal health information may be used.
- Enables patients to find out how their information may be used and what disclosures of their information have been made.
- Generally limits release of information to the minimum reasonably needed for the purpose of the disclosure.
- Gives patients the right to examine and obtain a copy of their own health records and request corrections.
If you have any further questions, please contact HRPO at 545-3428.