It is very important that the electronic records of the patients are safeguarded. The HIPAA Compliance Certification is a must as it makes the entity aware of the various administrative, physical, and technical measures that must be taken in order to maintain complete security of the data.
Some standards have been set for the protection of the HIPAA privacy rule. The protected health information should not be disclosed under any circumstances to unauthorized people. The HIPAA Privacy Policies makes it mandatory for the healthcare provider to evaluate their methods and practices and to take appropriate measures to safeguard the information and to prevent leakage of this information. The rules are at times a bit flexible in order to accommodate different situations.
Marketing is also one more aspect where lots of confusion is there with regards to the HIPAA privacy rule. It takes into account the communication of product or service as marketing. If communication is marketing then before making any communication the healthcare provider will have to obtain authorization from the patient. But there are some exceptions that are made in this rule. For example, communication is not marketing if it is made for the treatment of the patient or if it is made for the management or care of the individual or for alternative treatment or therapies etc.
As you can see that there are some points which can leave one confused. But overall HIPAA security rules cover most of the valid points. It tries its best to make sure all the important details are covered in order to safeguard the patient information. It is also on the healthcare provider to make sure that he trains his employees in a proper way and his company follows all the rules and regulations. He must take preventive measures to ensure that the rules are not violated.