By Ronald L. Scott
The Health Insurance Portability and Accountability Act (HIPAA) privacy regulations provide in part that “an individual has a right to adequate notice of the uses and disclosures of protected health information that may be made by the covered entity, and of the individual's rights and the covered entity’s legal duties with respect to protected health information. See 45 C.F.R. 164.520(a).
Initially, I was quite critical of the particular physician’s implementation of the HIPAA requirements, but after re-reading the actual regulations, it is clear that patient-friendly implementation of the regulations is challenging.