I’ve spoken to many offices regarding HIPAA compliance, completing the risk analysis and having their staff complete their HIPAA training. And I understand the difficulties of HIPAA compliance, but I’d like to share a personal experience that has made me so grateful to have HIPAA.
I was recently in England and had to get an Xray for a suspected broken collarbone. (Fortunately, no break, we are very happy about this.) After getting my Xray, I spoke with the practitioner. She showed me my Xray and gave me advice on how to proceed, advising me that I’d receive a call in 1-2 weeks if they see anything, but she saw no obvious indication of a break.
I didn’t want to wait 1-2 weeks to get confirmation that it wasn’t broken, so I inquired about getting a diagnostic quality copy of the Xray to share with my doctor in the U.S. She told me she couldn’t give me a copy of MY record. But perhaps if I went to radiology, I could get a copy from them. I wasn’t even allowed to take a picture with my cell phone of MY OWN Xray. I headed back over to radiology. The women at reception were confused when I asked for a CD or USB with my Xray image. They couldn’t share it with me due to “confidentiality reasons.” What I could do was to submit a request online to get a copy of my record. That could take 3-4 weeks and there is no guarantee that my record would even be shared with me.
This experience had me so befuddled that I inquired about the healthcare system to some friends in England. No one I spoke to knew what a patient portal was. There is no transparency for patients to know their own medical information. It is likely that the most information a patient gets access to is their vaccination records. And even that isn’t necessarily correct.
This reminded me of another incident I heard about in New Zealand. Someone I knew got their COVID vaccine. She reacted quite poorly to the vaccine. However the site that gave her the vaccine messed up their records, and there was no record of her getting the first vaccine shot. Despite the initial reaction, she had to get the first vaccine shot a second time before moving onto the second shot.
HIPAA stipulates Right of Access. Patients have a right to access their own information. HIPAA requires integrity of information ensuring that my medical records are correct and doctors will have the correct information to properly treat me.
While providing support to offices, such as your own, on HIPAA compliance I have heard many complaints about the burden HIPAA places on providers and practices. I understand and sympathize with that burden. At TLD Systems we do our best to minimize that burden, educate you about your responsibilities and help you to meet the HIPAA requirements. My experiences reminded me that HIPAA is about protecting patents, and at some point we are all patients.
This is my opinion.
Tahlia
VP Client Services at TLD Systems
Read Comments