|  | Healthcare Industry | General Healthcare Industry

HIPAA Hospital Rules

The Health Insurance Portability and Accountability Act of 1996, more commonly known as HIPAA, was enacted to improve the portability and continuity of health insurance coverage and health care delivery. While it largely addresses consistency in the way medical information is gathered, stored and retrieved, HIPAA also has a section dealing with the privacy and confidentiality of medical records.

  1. History

    • Traditionally, health care organizations and health insurance companies have operated autonomously in a competitive environment that discouraged information sharing. HIPAA came about because health care consumers were tired of repeating their medical information every time they changed insurance plans, saw a new doctor or were treated at a different hospital. The message was clear: Americans wanted their medical data to be available when needed for care delivery or insurance coverage, but they also wanted controlled access to that data.

    Types

    • As health care providers, hospitals are mandated to establish rules congruent with HIPAA regulations. The rules include administrative policies and procedures to implement HIPAA requirements, as well as personnel policies that limit access to billing and medical information on a need-to-know basis. Hospitals have also implemented elaborate technical security measures to protect automated systems for billing and care documentation, along with physical security guidelines that control access to sensitive medical records and other documents. They continue to train and educate staff about professional codes of conduct and evaluate them on performance standards related to the privacy of health information.

    Benefits

    • HIPAA has stimulated local, regional and national discussions about consistency in data reporting for hospitals, insurance companies and government agencies. Hospitals have adopted a number of rules to reduce redundant data entry, improve the accuracy of the data in their systems and share appropriate information with third-party payors so they can be paid promptly for care delivered.

    Considerations

    • While HIPAA emphasizes privacy, it also delineates times when medical or billing information may be shared. For example, hospital rules must clearly outline how data can be transmitted to third-party payors for billing purposes. Internal policies define how medical information can be used for quality-assurance purposes to evaluate patient outcomes. Since HIPAA doesn't supercede public health reporting requirements such as those for infectious diseases or mandated reporting around issues such as child abuse, hospitals have specific reporting policies for those instances.

    Significance

    • While experts initially compared HIPAA compliance with Y2K preparations in terms of the time and dollars required, hospitals have done a good job of developing rules to ensure compliance. Hospital leaders are well aware that the initial investment of time and money is only the beginning. Every time a new form of technology is introduced, or the financial environment changes, there will be a need to adjust existing policies and procedures.

General Healthcare Industry - Related Articles