Visit the Healthcare Industry Pipeline at - Download White Papers and Case Studies, Register for Webcasts!
Search Healthcare
Business at HIN:

Members Only
Click here for
subscriber access,
key word searches or
to download articles
of interest.

Audio Conferences

A complete selection of health management resources for healthcare executives. Your one-stop shop for the leading publications you need! Click here to browse our categories or conduct key word searches to find the products that best meets your needs!

HIPAA Desktop

Link your company's Web site or Intranet to HIN

Career Center
The Healthcare Intelligence Network Career Center brings together qualified healthcare management professionals seeking new career opportunities and healthcare organizations that are seeking to fill health management positions within their companies.

Earn gift certificates by referring your colleagues to the Healthcare Intelligence Network!


Health Law and Regulation


Share this article with a colleague!

HHS Announces Health IT Privacy and Security Toolkit

In a keynote address to the Nationwide Health Information Network Forum, HHS Secretary Mike Leavitt announced key privacy principles and a toolkit to guide efforts to harness the potential of new technology and more effective data analysis, while protecting privacy. Secretary Leavitt emphasized that appropriate privacy and security measures will be an essential sociological enabler of groundbreaking technology.

The growing computerization, exchange and analysis of patient data offer the potential to improve the quality of care and reduce costs and medical errors, but those benefits won’t be fully realized until privacy concerns are effectively addressed, Secretary Leavitt said.

The privacy principles articulated by Secretary Leavitt are as follows:

  • Individual Access — Consumers should be provided with a simple and timely means to access and obtain their PHI in a readable form and format.

  • Correction — Consumers should be provided with a timely means to dispute the accuracy or integrity of their personal identifiable health information, and to have erroneous information corrected or to have a dispute documented if their requests are denied. Consumers also should be able to add to and amend PHI in products controlled by them such as PHRs.

  • Openness and Transparency — Consumers should have information about the policies and practices related to the collection, use and disclosure of their personal information. This can be accomplished through an easy-to-read, standard notice about how their PHI is protected. This notice should indicate with whom their information can or cannot be shared, under what conditions and how they can exercise choice over such collections, uses and disclosures. In addition, consumers should have reasonable opportunities to review who has accessed their personal identifiable health information and to whom it has been disclosed.

  • Individual Choice — Consumers should be empowered to make decisions about with whom, when, and how their PHI is shared (or not shared).

  • Collection, Use, and Disclosure Limitation — It is important to limit the collection, use and disclosure of PHI to the extent necessary to accomplish a specified purpose. The ability to collect and analyze healthcare data as part of a public good serves the American people and it should be encouraged. But every precaution must be taken to ensure that this PHI is secured, deidentified when appropriate, limited in scope and protected wherever possible.

  • Data Integrity — Those who hold records must take reasonable steps to ensure that information is accurate and up-to-date and has not been altered or destroyed in an unauthorized manner. This principle is tightly linked to the correction principle. A process must exist in which, if consumers perceive a part of their record is inaccurate, they can notify their provider. Of course the HIPAA Privacy Rule provides consumers that right, but this principle should be applied even where the information is not covered by the Rule.

  • Safeguards — Personal identifiable health information should be protected with reasonable administrative, technical and physical safeguards to ensure its confidentiality, integrity, and availability and to prevent unauthorized or inappropriate access, use or disclosure.

  • Accountability — Compliance with these principles is strongly encouraged so that Americans can realize the benefit of e-health information exchange. Those who break rules and put consumers’ PHI at risk must not be tolerated. Consumers need to be confident that violators will be held accountable.

In addition, Secretary Leavitt announced several tools to help consumers and health information exchanges advance toward privacy protection and consumer access to their information. For example, the “Leavitt Label,” modeled after the nutritional labels on food packaging, would allow consumers to quickly compare PHR products. For additional information, please visit:

Source: U.S. Department of Health and Human Services, December 15, 2008

PHRs & The New Risks Over Privacy, Security and HIPAA: Addressing the Challenges of Patient-Controlled Health Information

Because PHRs foreshadow many aspects of the evolving national EHR system, healthcare organizations must think through the consequences of offering and accepting PHRs. This audio seminar was produced to help healthcare organizations face the possible challenges of PHRs.

PHRs & The New Risks Over Privacy, Security and HIPAA: Addressing the Challenges of Patient-Controlled Health Information is available from the Healthcare Intelligence Network for $270 by visiting our Online Bookstore or by calling toll-free (888) 446-3530.

Share this article with a colleague!

IMPORTANT NOTICE: This information is designed to provide accurate and authoritative information on the business of healthcare. It is distributed with the understanding that Healthcare Intelligence Network is not engaged in rendering legal advice. If legal advice is required, the services of a competent professional should be retained.

© Copyright 2012 Healthcare Intelligence Network Call toll-free (888) 446-3530