DeMuro P R, Gantt W A
Latham & Watkins, San Francisco, California, USA.
Healthc Financ Manage. 2001 Jan;55(1):42-7.
In November 1999, under the mandate of the Health Insurance Portability and Accountability Act (HIPAA) of 1996, HHS issued proposed standards to protect the privacy of electronically transmitted personal health information. With publication of the final standards due soon, healthcare organizations must prepare to implement new processes and information systems to comply with the HIPAA requirements. The privacy standards are intended to accomplish three broad objectives: define the circumstances in which protected health information may be used and disclosed, establish certain individual rights regarding protected health information, and require that administrative safeguards be adopted to ensure the privacy of protected health information. Among the required administrative safeguards are designation of a privacy officer, implementation of compliance training programs for all applicable staff, establishment of a complaint system, and implementation of appropriate sanctions for violations of privacy requirements.
1999年11月,根据1996年《健康保险流通与责任法案》(HIPAA)的授权,美国卫生与公众服务部(HHS)发布了旨在保护电子传输的个人健康信息隐私的拟议标准。随着最终标准即将发布,医疗保健机构必须准备好实施新的流程和信息系统,以符合HIPAA的要求。隐私标准旨在实现三个广泛目标:界定受保护健康信息可被使用和披露的情形,确立有关受保护健康信息的某些个人权利,并要求采取行政保障措施以确保受保护健康信息的隐私性。所需的行政保障措施包括指定一名隐私官、为所有适用员工实施合规培训计划、建立投诉系统以及对违反隐私要求的行为实施适当制裁。
