Notice of Privacy Practices a Must for All Patients
All healthcare providers must present to all patients, with whom there is a direct treatment relationship, a notice of privacy practices. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy rule indicates the notice must be provided:
Not later than the first service encounter by personal delivery of patient services, electronically or through mail;
By posting the notice in a clear and prominent place that can be easily seen by people seeking services; and
In emergent situations, the notice must be furnished when the emergency has abated.
Providers (and other covered healthcare entities) must supply a notice to anyone, upon request, whether direct or indirect treatment was provided. Covered entities also must make their notice of privacy practices available electronically, on any website maintained for customer service or benefits information.
The rule indicates a healthcare provider must make a good faith effort to obtain written acknowledgement from patients that the patients have received the privacy practices notice. Most covered entities ask for signatures from individuals, indicating the individual was provided a copy of the notice.