Question

Health Insurance

How does my doctor keep my electronic health records private?

Answers (2)

  • The HIPAA Security Rule requires providers to assess the security of their electronic health record systems. The Security Rule sets technical safeguards for protecting electronic health records against the risks that are identified in the assessment. Some of the steps that may be taken to reduce the risks include:

    • Access controls such as passwords or PINs that limit access to your information to authorized individuals, like your doctors or nurses
    • Encryption of your information, which means your health information cannot be read or understood except by someone who can "decrypt" it, using a "key" made available only to authorized individuals
    • Audit trails, which record who accessed your information, what changes were made, and when they were made, provide an additional layer of security and oversight.
    • Workstation security, which ensures that computer terminals that can access your health records cannot be used by unauthorized persons

    Your providers must have risk management policies and procedures in place -- to assess security risks, and to ensure that known risks are addressed and prevented.

  • ABACTES answered
    Your doctor designates a privacy official who is responsible for making sure your medical records are kept private. In a small office, this may be the office manager. Large facilities have full-time privacy officials.

    The Privacy Rule also requires your health care provider to inform you of your privacy rights. Clear privacy rules and procedures must be put into place, and employees must be trained in how to follow them. These procedures include passwords and other steps for securing your records against unauthorized use.