Health Fairs and HIPAA
Frequently Asked Questions about Health Fairs and HIPAA
- Is the health information gathered at a health fair covered under HIPAA guidelines?
- Do I need to give a Notice of Privacy Practices to participants at my health fair?
The answer is "maybe".
Health Fairs and HIPAA: Primary Considerations
Do you keep the individual's personal health information, or do you give it to the individual to take along when leaving?
- If you provide the information to the participant of the health fair and don't retain any of the information in any format, then you don't need to give a Notice. This type of personal health information is not covered under HIPAA regulations.
- If you retain information that identifies specific individuals, then it may in fact be covered by HIPAA, and the individual may need to be given a Notice. (For additional information, please see the following.)
Are you gathering health information with no identifiers, so that there is no way of identifying individuals?
- If it is not individually identifiable and there's no way of re-identifying it (such as information that will be used for statistical purposes), then you don't need to give a Notice.
- In the information you give the individual, be sure to include a disclaimer which clearly states that this information is not protected by federal or state privacy rules.
Are you maintaining personally identifiable information of any type and in any format (paper or electronic)?
- If so, then the individual must get a Notice of Privacy Practices. The information is definitely covered under HIPAA.
- If you retain the information in any format, you must clearly tell the individual (in writing) exactly what data you are going to retain, how you're going to maintain it, and what you're planning to do with it.
HIPAA Overview
What is HIPAA?
- HIPAA is a federal law entitled the Health Insurance Portability and Accountability Act.
Which federal agency is responsible for overseeing HIPAA compliance?
- The U.S. Department of Health and Human Services (HHS), Office of Civil Rights (OCR).
Why was HIPAA created?
- To protect employees' insurance rights when they lost or changed jobs.
- To protect the privacy and security of patients' personal health information.
- To create a national standard for electronic healthcare transactions.
- To enhance the efficiency and the effectiveness of the healthcare system.
What do the HIPAA regulations do for healthcare?
- Protect individual patients' rights regarding their personal health information, including their right to review it and to make decisions about how it will be used and disclosed.
- Provide for the appropriate use and disclosure of patients' health information.
- Require healthcare providers to implement significant safeguards to ensure privacy of patients' personal health information.
What do the privacy regulations focus on?
- Individually identifiable health information, which means it identifies the patient or could be used to identify the patient.
- Paper or electronic patient health or medical records.
- Patient health information exchanged verbally.
- Information relating to the past, present, or future mental or physical condition of an individual.
- Research data that identifies specific patients.
Wellness Companies