About MeI've been a practicing HIPAA consultant for more than six years -- before the HIPAA rules even came into effect. The healthcare organization where I've worked is a big one -- 300 beds and more than one million outpatient visits per year. I've trained thousands of employees about what the HIPAA rules are, and how to use them to protect patient privacy. I've also used the same rules to ensure that patients had access to their records, helped them to file complaints and then investigated those complaints, and investigated privacy breaches. The healthcare organization I've been taking care of for six years has more than 6,500 employees, and this past year it had only 17 HIPAA complaints -- that's an annual rate of .006.Not bad. There may be healthcare organizations with even fewer complaints in the last 12 months -- but maybe that's because their employees and patients don't know their rights? Or they don't recognize when a privacy breach has occurred? Mine do.I've also been to countless providers' and pharmacists' offices and seen the same things over and over.No Notice of Privacy Practices put into the hands of the patients (which is required by law). Or Notices that were printed in a text that is so small they couldn't be read without a magnifying glass, or so obtuse that not even an attorney could understand them. I've see little care taken to ensure the privacy of health records -- like records being dumped in the trash, or left on receptionist's desks while the receptionist took a break (I got that particular receptionist fired), and I've seen patient information, such as names and Social Security Numbers, posted on public websites. Worst of all, I've heard the old "We can't do that because of HIPAA" excuse used endlessly as a way for office personnel to be lazy and not help their patients.One thing has remained constant the past six years: patients do not know their rights.But I do.And I'm here to help you understand yours. That's why I am privileged to open this HIPAA patient advocacy practice.I'm also here to assist attorneys as a subject matter expert.While patients can't sue for privacy breaches and other complaints (not yet, anyway), when attorneys need access to patient records, they need to utilize appropriate HIPAA-compliant authorizations -- else the disclosures are not authorized and can be refused. (Patients need to know what a HIPAA-compliant authorization is, too.)If you're a provider and have found this site, I can help you, too.More than likely the training you and your staff have received has been shamelessly expensive, and shamefully inadequate -- putting you and your staff in the position of attracting complaints, increasing your risk and liability, and not serving your patients as well as you could. Plus, you've probably heard that Health & Human Services has finally levied their first HIPAA fine: $100,000. Have a spare hundred grand sitting around, waiting to pay off a fine?I invite you to explore this site, and see what I have to offer.Whether you're a patient or a professional, if you've got a question -- just ask.I've got an e-book available soon that can be delivered directly to your email address.It's written in "plain English" and will make you smart when it comes to HIPAA, and empower you to take full advantage of your rights. I'll soon have some interviews you can listen to, and may even throw in a video or two. And, if you'll leave your email address, I'll notify you when the e-book is ready for prime time -- and I won't bother you with newsletters you don't have time to read, or share your email address with anyone.So please, enjoy the site, and let me how if I can help you. |