Privacy Officer

A covered entity must have a Privacy Officer, responsible for notifying patients about their privacy rights, training staff, and ensuring that uses and disclosures of protected health information are done in a manner consistent with HIPAA guidelines.  

Hillvale Pediatrics consists of a solo practitioner, a nurse and a medical assistant. Electronic transmission of medical records is limited to the Medicaid office for billing purposes.

a.  Due to the limited use of electronic data transmission, is this office exempt from the HIPAA Privacy Rules?

b.  Should a separate staff member be hired for this position, or can the physician be designated as the Privacy Officer?

 

Rectangular Callout: I would like to apply for a job as a Privacy Officer.