The Health Insurance Portability and Accountability Act (HIPAA) is designed to balance privacy, efficiency, and quality. A covered entity generally does not need your permission to share your protected health information (PHI) with another covered entity for treatment, payment, or healthcare operations, commonly referred to as TPO. For example, a doctor will generally not ask your permission before:
- Sending your records to a second doctor for a second opinion (treatment);
- Consulting with another health care provider regarding your medical status (treatment);
- Asking TRICARE for reimbursement for the services you received (payment);
- Sharing medical services provided for coverage and justification of charges (payment);
- Reviewing your records to conduct MHS provider training programs, including certification and licensing (health care operations); and
- Reviewing your records to see if your doctor followed protocol (health care operations).
However, HIPAA does give you the right to:
- Learn how the Military Health System (MHS) will use and disclose your PHI;
- Request to limit who can access your PHI;
- Find out when a covered entity discloses your PHI to others;
- Request to view and receive a copy of your PHI; and
- Request to amend your PHI if incorrect or incomplete.
HIPAA also requires the MHS to:
- Make sure your PHI is stored securely if maintained electronically;
- Make sure your PHI is available when you need healthcare; and
- Notify you if your PHI is lost or stolen.
You also may be interested in...
Showing results 1 - 15
Page 1 of 3
Form/Template
11/3/2014
The Health Information Privacy HIPAA Complaint Form is used by DHA to proceed with a complaint. DHA uses the information provided to determine if DHA has jurisdiction and, if so, how to process your complaint.
Recommended Content:
How HIPAA Protects You, HIPAA Compliance within the MHS
Policy
This Policy Statement establishes policy and details the core tenets of the HIPAA Privacy and Security Rules at DHA for the use, disclosure, and protection of protected health information (PHI).
Fact Sheet
5/14/2014
This document represents an updated mapping of the HIPAA Security Rule to select DoD policies and IA controls. It does not constitute the rendering of legal advice or an exhaustive list of all possible mappings of the Security Rule to DoD policies or IA controls. The document is intended to provide general information and to allow different departments and components to customize the mapping according to their security policies.
Recommended Content:
How HIPAA Protects You, HIPAA Compliance within the MHS
Fact Sheet
5/1/2014
Personally identifiable information (PII) is information that identifies, links, relates, or is unique to, or describes you. This also includes information which can be used to distinguish or trace your identity and any other personal information which is linked or linkable to you.
Recommended Content:
Privacy Act at DHA, Privacy Impact Assessments, HIPAA Compliance within the MHS, How HIPAA Protects You, Submit a Data Sharing Application, Breaches of PII and PHI, Freedom of Information Act, DHA Privacy Contract Language, Protect Humans in Research, Privacy Act and HIPAA Privacy Training
Policy
This MOU establishes a framework governing inter-Departmental transfer of PIII/PHI of beneficiaries who receive health care and/or other benefits from either Department. This MOU revises the MOU on "Defining Data-Sharing Between the Departments," executed in May and June of 2005.
Policy
The HIPAA Compliant Business Associate Agreement complies with the Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, Breach and Enforcement Rules (HIPAA Rules).
Brochure
10/1/2013
The MHS Notice of Privacy Practices (NoPP) describes how medical information about you may be used and disclosed and how you can get access to this information. This is a print-ready, portrait version of the brochure in Portuguese - European, measuring 8.5” x 11” (vertical).
Recommended Content:
How HIPAA Protects You, HIPAA Compliance within the MHS
Brochure
10/1/2013
The MHS Notice of Privacy Practices (NoPP) describes how medical information about you may be used and disclosed and how you can get access to this information. This is a print-ready, portrait version of the brochure in Chinese - Traditional, measuring 8.5” x 11” (vertical).
Recommended Content:
How HIPAA Protects You, HIPAA Compliance within the MHS, Notice of Privacy Practices
Showing results 1 - 15
Page 1 of 3