HIPAA Implementation Specifications
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 created standards for treatment of individuals' private health care information. There are specific ways in which HIPAA is implemented in a health-care setting.-
Types
-
Health-care organizations must have written policies and procedures that are consistent with HIPAA regulations. They must also have a specific person assigned to ensuring that protected information is kept private and secure. This person is responsible for training other employees regarding the guidelines set forth by HIPAA, ensuring that all regulations are followed, and disciplining employees that do not comply with HIPAA.
Significance
-
By requiring an organization to set policies and procedures in writing and appointing a specific individual in charge of ensuring compliance, organizations are held accountable. Providing specification for the implementation of HIPAA also makes it easier and quicker for organization to become compliant with privacy and security regulations.
Considerations
-
Organizations may be designated as "hybrid entities" if only a selected number of functions of the organization meet the requirements to be a covered entity under the HIPAA act. These organizations must designate in writing which components are health-care related and thus must comply with HIPAA regulations, otherwise the entire organization must comply.
-