Definition of the HIPAA Law
The Health Insurance Portability and Accountability Act (HIPAA) is a federal statute that was passed in 1996 to control the use and disclosure of health information. This statute set a series of regulations that define the specific actions that an organization may take, the specific types of actions that an organization must take and the specific types of actions that an organization must avoid to protect a patient's right to privacy.
Covered Entities
The regulations established by HIPAA only apply to certain organizations. These organizations, which are known as covered entities, include health insurance plans (such as HMOs, Medicare, and Medicaid), health care providers (such as dentists, hospitals and pharmacies) and organizations that process health information.
Protected Information
HIPAA only protects certain information. This information, which is known as protected health information (PHI), includes an individual's address, birth date, diagnosis, name, and/or any other information that may indicate that a specific individual has received treatment.
Consumer Rights
Individuals have the right under HIPAA to be informed of how and when health information will be used, the right to review their own medical records, and the right to have errors in their medical records corrected.
Safeguards
A covered entity is required to secure an individual's protected health information (PHI), to disclose PHI only when necessary, and to make sure that anyone with access to PHI is trained to protect that information.
Acceptable Uses
Covered entities may use protected health information (PHI) to diagnose and/or treat an individual, to file a claim with a health insurance plan, or to comply with a local, state or federal law.