Site Loader
Rock Street, San Francisco

Electronic Health Information Policies are the existing
state and federal policies that establish a baseline for privacy and security
protection for organizations engaging in the exchange of electronic health
information. The policies also serve as a basis for principles that forms the
foundation of making rules and also gives an organization a general sense of

One of the policies is the Notice of Privacy Practices. The
policy narrates that each participant shall develop and maintain a notice of
privacy practices that complies with the applicable law and electronic health
information exchange policies. That each participant shall have its own
policies and procedures governing distribution of notice to individuals, that
the policies and procedures shall be consistent with the available privacy

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

Individual Participation and Control of information Posted
to the HIE. The Policy dictates that Individuals will need to provide their
healthcare provider with authorization to share their protected health
information on the health information exchange at each encounter with each of
their healthcare providers. This authorization will apply for all providers
participating in the health information exchange (HIE) and all protected health
information (PHI) permitted by applicable laws and regulations. It narrates on
the Patient Authorization of Opt-in and Opt-out policies.

Compliance with law. The policy dictates that all
disclosures of health information through the health information exchange and
the use of information obtained from the HIE shall be consistent with all
applicable federal, state and local laws and regulations and shall not be used
for any unlawful discriminatory purpose. That if the applicable law requires
that certain documentation exists or that other conditions be met prior to
using or disclosing health information for a particular purpose, the requesting
participant shall ensure that it has obtained the required documentation or met
the requisite conditions and shall provide evidence of such at the request of
the disclosing participant.

Participant Choice. The policy requires that PHI collected,
used or disclosed related to individuals will be supported by the participants
internal policy on the care and access to PHI. These policies will include such
policies as; reasonable and appropriate processes to enable the exercise of an
individual’s choice not to participate in the HIE data exchange, the right to
request and receive in a timely and intelligible manner information regarding who
has that individuals PHI and what specific data the party has; to know any
reason for denial of such request; and the individual’s right to challenge or
amend any personal information.

The general use and disclosure policy. The policy stipulates
that all individual Protected Health Information in the Health information
exchange will be available for public health and quality reporting. The rule of
privacy permits covered entities to disclose protected health information,
without authorization, to public health authorities who are legally authorized
to receive such reports for the purpose of preventing or controlling disease,
injury or disability.

Amendment of data. This policy states that each participant
shall comply with applicable federal, state and local laws and regulations
regarding individual rights to request amendment of PHI. A participant will
therefore require to permit an individual to request that the participant make
an amendment to his or her health information maintained by the entity. That
the entity may require individuals to make requests of amendments in writing
and to provide a reason to support a requested amendment, provided that it
informs individuals in advance of such requirements.

The mitigation policy. The policy stipulates that each
individual shall implement a process to mitigate and shall mitigate and take
appropriate remedial action to the extent practicable, any harmful effect that
is known about the use or disclosure of health information. That an entity
shall have the capability to identify substantiated fraudulent activity within
their records and be able to view and provide records internally and extremely
as though the fraudulent activity had not occurred. 

Post Author: admin


I'm Eunice!

Would you like to get a custom essay? How about receiving a customized one?

Check it out