PATIENTS - PRIVACY & SECURITY

Protecting your privacy

At GaHIN, privacy and security of patient information are of utmost importance. Unlike paper health record storage methods, this network is built to only allow authorized providers to view your information on a “need to know” basis.

Only authorized members are allowed to access the patient's health information through the network using a secure login. All transmission of patient information on the network is encrypted. This is a protected network, not the Internet, so your records are secure.

HIPAA & other regulations for exchange of health information

GaHIN is committed to keeping patient health information private and secure. And we take this responsibility very seriously. Only approved healthcare organizations—those that have entered into a legal agreement and agree to abide by GaHIN's policies and applicable laws—are allowed to access patients’ records through the network.

GaHIN follows all applicable state and federal laws and regulations relating to the protection of patient health information, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA's security standards require administrative, physical, and technical safeguards to protect against such risks as loss or unauthorized access, destruction, inappropriate use, modification or disclosure.

HIPAA prohibits GaHIN members and affiliates from sharing a patient's health information for any purpose other than treatment, payment and healthcare operations without patient authorization, except in certain circumstances.

Further, GaHIN also adheres to regulations set by the Health Information Technology for Economic and Clinical Health Act (the HITECH Act) and the American Recovery and Reinvestment Act of 2009 (ARRA).

Doctor’s responsibilities

Only providers who have entered into a legal contract with GaHIN and agree to abide by its strict privacy and security policies—and comply with all applicable federal and state laws—are allowed access to patients’ medical records via GaHIN.

In addition, each doctor who connects to the network must have written policies and procedures in place that govern their staff’s ability to access information on or through their health information exchange and the GaHIN network.

Each doctor is also required to comply with federal and state laws and regulations that protect sensitive confidential information, like genetic testing and mental health notes. Each doctor may store patient records, but may not store sensitive information from those records.

Along with GaHIN, your doctors recognize the need for great security in handling your medical records. You can trust every physician and healthcare provider who is affiliated with GaHIN. They are focused on giving you and your family the privacy—and quality healthcare—that you deserve.

Breach notification

Under HIPAA requirements and GaHIN policies, you have the right to receive a list of occurrences where your health information was accessed and for what purposes. If there is a breach of security involving your health information, you will be notified.

  • GaHIN will send breach notifications: These must be provided without unreasonable delay and in no case later than 60 days following the discovery of a breach.

  • Notifications contain specific information: To the extent possible, notifications must include a brief description of the breach, a description of the types of information that were involved in the breach, the steps affected individuals should take to protect themselves from potential harm, a brief description of what is being done to investigate the breach, mitigate the harm, and prevent further breaches, as well as contact information.

  • Complaints can be filed: If you believe that a person, agency or organization covered under HIPAA violated your (or someone else's) health information privacy rights or committed another violation of the Privacy Rule, you may file a complaint with the federal Office for Civil Rights. Individuals found in violation of HIPAA can be civilly and criminally prosecuted. For more information, visit http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html

We value your trust and work hard to earn it

You can rest assured that GaHIN—and the exchange of electronic health records—offers greater security than traditional paper records. Multiple measures are in place to protect your privacy, while ensuring all your providers have the critical health information needed for efficient, safer, higher quality healthcare. GaHIN takes your privacy and security seriously.