HIPAA
What is HIPAA?
HIPAA (Health Insurance Portability and Accountability Act of 1996) was designed to streamline all areas of the health care industry and to provide additional rights and protections to participants in health plans. The law includes five sections that incorporate a variety of provisions from creditable coverage and tax-related issues to health care fraud and privacy.
Title II of HIPAA, the Administrative Simplification (AS) provisions, requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans and employers.
The AS provisions also address the security and privacy of health data. The standards are meant to improve the efficiency and effectiveness of the nation's health care system by encouraging the widespread use of electronic data interchange in the US health care system.
What Employer Compliance is Required?
Some employers who receive Protected Health Information (PHI) need to put some policies in place including, but not limited to the following:
- Assign and Train a Compliance Officer
- Identify Areas of Risk through an Assessment
- Document all Policies and Procedures
- Roll out the Program to all affected Employees - Training is the most Important step. (Most common breaches are from ignorance not intentional harm.)
- Re-evaluate Program Annually
Employers who elect to not receive PHI also have some HIPAA responsibilities.
