HIPAA in a Nutshell
The following guest post on the HIPAA law was submitted by Shae Holland.
HIPAA regulations represent a major transformation in the way healthcare organizations handle information regarding their patients. All patients should understand their rights, just as all healthcare facilities must know and conform to the privacy standards. Let’s examine the ins and outs of HIPAA regulations and what they mean for you.
What You Need to Know
HIPAA is an acronym that stands for the Health Information Portability and Protection Act. It was initially passed in 1996 and was the first protective act in the United States passed on behalf of patients’ personal information.
HIPAA was designed to ensure that your healthcare information is only accessed and shared with your permission, and only in the following contexts:
● Coordinating information about your care and treatment
● Providing information to your family, significant other, or friends who are directly involved in your treatment
● Assessing the quality of care provided by the doctor or healthcare facility in question
● Relaying any information requested by law enforcement agencies
The sharing of patients’ personal information in any other context is unlawful and can lead to heavy fines and even heavier settlements — sometimes heavy enough to force a noncompliant business or facility to close. (But more on that later.)
HIPAA regulates many other areas of the healthcare industry as well. Because we’re only covering the basics, we won’t go into detail about all of them. But HIPAA also regulates:
● Doctor and Patient Reimbursement
● Coding
● Security
● Care Management
Your Rights According to HIPAA
HIPAA gives you the ability to do any of the following:
● View the information listed in your health records
● Request corrections to information on said records
● Decide who can access and share your health information (and more importantly, who can’t)
● Require providers and other healthcare facilities to request permission to share your information for marketing and other non-treatment purposes
Is All of My Information Protected?
● Any information a doctor puts in your medical record
● Information stored within the computer system of your health insurer
● Billing information from your healthcare provider
● Conversations your doctor has with nurses or other physicians regarding your treatment or care
If at any time you feel that your privacy rights have been violated, HIPAA regulations allow you to file a complaint with Health and Human Services, or file a complaint directly against your insurer or provider.
Why HIPAA Compliance Is So Important
Failure to comply with HIPAA regulations can result in many negative consequences for a healthcare provider or even a small practice; these include both civil and criminal penalties. Fines can be extraordinarily hefty — in 2013, Advocate Health System of Downers Grove, IL, settled three claims of HIPAA violation for $5.55 million.
Who Has to Comply With HIPAA, and Who Doesn’t?
HIPAA does not apply to every healthcare provider, but it does apply to most of them. All healthcare workers must undergo some kind of training or education on HIPAA compliance.
Health Plans: Health insurance companies, company health plans, HMOs, and even certain programs provided by the government (Medicare, Medicaid) must follow HIPAA regulations.
Healthcare Providers: Any provider who conducts business electronically must comply with all recent regulations.
Clearinghouses: Entities that process non-standard patient information must follow these rules as well.
The following are a few of the groups who don’t need to comply with HIPAA regulations:
● Employers
● Workers’ Compensation Carriers
● Life Insurers
● School Districts
● Law Enforcement Agencies
Conclusion
For over two decades, HIPAA has sought to improve the safety and accessibility of medical records. Compliance can be complicated and even annoying for healthcare providers and related businesses, but the benefits of additional personal information security are worth it. After all, it’s a healthcare provider’s job to protect their patients’ health; protecting their personal information and privacy is a natural addition to that duty.
Author bio:
Shae Holland is a professional copywriter with expertise on a range of topics. She’s passionate about healthy living, loves hunting, and adores her two springer spaniels.
The acronym HIPAA stands for the Health Insurance Portability and Accountability Act of 1996, which led to the development of standards for the privacy of Protected Health Information (PHI).
Entities that have to abide by HIPAA compliance are known as covered entities. Covered entities are people or companies that store, handle, and process PHI.