What Are HIPAA Responsibilities?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its accompanying regulations, known as the Privacy Rule and the Security Rule, protect the privacy of your health information and govern how that information can be collected, maintained, used and disclosed. The law protects all people's health information and makes requirements of anyone who uses health care or health insurance, including health plans, doctors, hospitals, employers, life insurers, public health authorities and information systems companies.
Administrative Simplification
Among the main goals of HIPAA was the simplification and standardization of how health care information is used and transacted. One requirement of HIPAA is to use a national set of codes to identify specific diagnoses and clinical procedures on claims forms. The first two titles of the law also require employers and health insurance plans to allow a new employee's coverage to be continuous regardless of pre-existing conditions and to implement controls to protect their health information. In addition, the law implements standards for the electronic exchange of that information.
Privacy Rule
HIPAA is the first law to provide federal protection of health information, but in the course of providing care, it's impossible for doctors, employers and health care providers to not talk about individuals' health information. Because of the nature of health care, the Privacy Rule permits providers, employers, and the like "incidental use and disclosure" of health information so long as they have implemented reasonable safeguards and instituted the "minimum necessary" standard, which limits how much protected information is used and disclosed.
Practices such as speaking quietly when talking about a patient's condition, locking file cabinets, and putting passwords on computers, while also ensuring care providers can get to the minimum amount of information needed to do their jobs, are part of the minimum necessary requirements.
Security Rule
The Security Rule is a set of administrative, physical, and technical safeguards that health care providers, insurers, and employers are required to use to ensure the confidentiality, integrity and availability of electronic protected health information. Administrative safeguards require the use of administrative policies and procedures to manage the security process. Physical safeguards are the tangible, physical methods used to protect health information from unauthorized access as well as natural and environmental hazards. Responsible parties must also apply technical safeguards, meaning the technology used to protect health information, such as passwords, network security, virus protection and the like. These requirements will call for responsible entities to conduct a thorough assessment of the risks and vulnerabilities to the confidentiality, integrity and availability of health information. They are also required to appoint a security official to oversee the implementation of security controls.