Ensuring confidentiality and integrity of the patients in healthcare setting is of utmost importance for practitioners and government officials. HIPAA law poses strict regulations on the collection of protected health information (PHI), placing limits to the usage and disclosure of certain types of data. Being aware of the PHI types and diverse ways it can influence the study is crucial for the legal research process.
HIPAA identifies eighteen types of PHI that are considered to be individually identifiable information, disclosing important notion about the patient’s past, present, or future health condition. The PHI data includes full names or last names with initials, geographical identifiers (except the state, country, and first three digits of a zip-code), dates (except for the year), and social security numbers (Kayaalp, 2018). Caution should be used when collecting phone numbers, fax numbers, email addresses, and medical record numbers of the patients (Kloss et al., 2018). HIPAA limits the usage of account numbers, certificate/license numbers, and health insurance beneficiary numbers (Kayaalp, 2018). Patients are protected from the disclosure of their vehicle identifiers, device identifiers, IP address numbers, and URLs (Kloss et al., 2018). Any usage of biometric identifiers (such as fingerprints or retinal prints) or full-face pictures is strictly regulated by the HIPAA laws (Kayaalp, 2018). By violating the outlined policies, one may face financial penalties and criminal charges based on the severity of the misdoing.
Though I do not plan to obtain any of the aforementioned data during my project, the collection of PHI would require me to get a written permission through an authorization. According to Cohen and Mello (2018). I would have to provide a specific description of the PHI types planned to be used or disclosed along with the purpose of the requested usage. Authorization expiration dates would have to be established with the signatures from individuals collected (Cohen & Mello, 2018). A statement regarding the potential risk of PHI usage and disclosure should also be issued to protect the rights of the respondents.
References
Cohen, I. G., & Mello, M. M. (2018). HIPAA and protecting health information in the 21st century. JAMA, 320(3), 231–232. Web.
Kayaalp, M. (2018). Patient privacy in the era of big data. Balkan Medical Journal, 35(1), 8–17. Web.
Kloss, L. L., Brodnik, M. S., & Rinehart-Thompson, L. A. (2018). Access and disclosure of personal health information: A challenging privacy landscape in 2016-2018. Yearbook of Medical Informatics, 27(1), 60–66. Web.