This HIPAA cartoon involves the notice of privacy practices (NPP) under HIPAA. HIPAA has a set of detailed requirements for the NPP. See 45 CFR 164.520 for the text of HIPAA’s requirement for NPPs.
The biggest challenge regarding privacy notices is that hardly anyone actually reads the notice, and notices are often a chore to read.
There is a Hobson’s choice when it comes to such notices, whether under HIPAA or otherwise. As I wrote in Privacy Self-Management and the Consent Dilemma, 126 Harvard Law Review 1880 (2013): “[M]aking [notices] simple and easy to understand conflicts with fully informing people about the consequences of giving up data, which are quite complex if explained in sufficient detail to be meaningful. People need a deeper understanding and background to make informed choices.” Sadly, there’s no easy way to win on this one.
* * * *
Please check out my new HIPAA privacy course series. I have updated more than a dozen of my HIPAA training programs and short courses with new content and a new design.
HIPAA Resources
HIPAA Training Courses
HIPAA Training Guide
HIPAA Training Requirements FAQ
HIPAA Whiteboard
HIPAA Resources
* * * *
This post was authored by Professor Daniel J. Solove, who through TeachPrivacy develops computer-based privacy training, data security training, HIPAA training, and many other forms of awareness training on privacy and security topics. Professor Solove also posts at his blog at LinkedIn. His blog has more than 1 million followers.
If you are interested in privacy and data security issues, there are many great ways Professor Solove can help you stay informed:
* LinkedIn Influencer blog
* Twitter
* Newsletter