Q. I'd like to know if our company needs something like a HIPAA form for employees to sign when we release personal information to others. Is HIPAA only for the medical field? —B.B., New York
A. The privacy rules of the Health Insurance Portability and Accountability Act (HIPAA) apply to “covered entities.” Most employers, except those providing self-insured medical plans, are not considered covered entities, so they aren't subject to the privacy rules.
Nevertheless, certain HIPAA rules apply to all employers. For example, HIPAA requires that employers obtain a “HIPAA-compliant” authorization from employees before requesting information directly from their physicians. For that reason, it's best to avoid direct communication with employees' physicians. Also, be careful about requesting more than summary information from health insurance carriers. Such requests may trigger HIPAA's privacy rules.
HIPAA isn't the only reason to be concerned about privacy. You should keep all medical information about employees that you may need to comply with the ADA andin a separate, confidential file. Releasing that information may trigger liability under those laws.
Like what you've read? ...Republish it and share great business tips!
Attention: Readers, Publishers, Editors, Bloggers, Media, Webmasters and more...
We believe great content should be read and passed around. After all, knowledge IS power. And good business can become great with the right information at their fingertips. If you'd like to share any of the insightful articles on BusinessManagementDaily.com, you may republish or syndicate it without charge.
The only thing we ask is that you keep the article exactly as it was written and formatted. You also need to include an attribution statement and link to the article.
" This information is proudly provided by Business Management Daily.com: http://www.businessmanagementdaily.com/188/hipaa-rules-arent-just-for-doctors-and-hospitals "