Privacy and Security

There are many national groups and initiatives addressing privacy and health information technology (HIT). Below, you will find a comprehensive guide to resources from the American Psychiatric Association (APA) and others that address privacy and HIT.

APA Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and Security Rule Manuals

APA created two comprehensive manuals to assist psychiatric practices with compliance under the HIPAA rules. The manuals provide instructions, checklists, templates, fillable PDF forms, and a thorough explanation of the regulations. They also include useful cross-references to other APA privacy resources and guidelines. Additional resource documents on privacy and psychiatric disorders are available on this page. These manuals are an APA membership benefit.

Guide to Privacy and Security of Health Information
This handbook published by the Office of the National Coordinator for Health Information Technology (ONC) has several resources including a 10-step plan to help physician practices integrate privacy and security into their electronic health records (EHRs) and daily operations.

Your Mobile Device and Health Information Privacy and Security
View helpful information for physicians, health-care providers, and other health -care professionals who use smartphones, laptops, and tablets for their work. The U.S. Department of Health and Human Services (HHS) has developed videos, tips and other information to help protect and secure patient health information when using mobile devices.

HHS Guidance Materials for Consumers: Health Information Privacy
These materials include printer-friendly brochures for consumers on topics such as health information privacy rights, understanding the HIPAA notices given by healthcare providers, and sharing health information with family and friends. There are brief videos on “Your Health Information, Your Rights” and “HIPAA Security Rule” and additional information on the HIPAA Privacy Rule and the HIPAA Security Rule.

A Delicate Balance: Behavioral Health, Patient Privacy and the Need to Know
The California HealthCare Foundation (CHCF) provides a legal analysis of federal and state laws pertaining to privacy of mental health information as well as three illustrative scenarios. It explores the laws governing health information privacy as they relate to mental health and substance abuse treatment and presents three scenarios illustrating the challenges in finding the right balance of privacy and disclosure.

Supporting Integration of Behavioral Health Care Through Health Information Exchange
This report by the Colorado Regional Health Information Organization provides discussion and recommendations pertaining to integrating behavioral and physical health information through health information exchange, emphasizing “the key underpinnings of patient protection, safeguarding patient privacy, ensuring confidentiality, and encouraging trust between and amongst providers and consumers.”

Health Information Privacy: Guidance on Risk Analysis
This series of HHS guidance documents assists organizations in identifying and implementing the most effective and appropriate administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of electronic protected health information.