What is HIPAA?
HIPAA stands for the Health Insurance Portability and Accountability Act, which was passed by Congress in 1996 and sets the standards for securing Protected Health Information (PHI). HIPAA provides the ability to transfer and continue health insurance coverage for millions of Americans, while establishing rules and regulations to enforce these new policies. These standards have reduced health care fraud and abuse, while mandating industry-wide regulations for the handling of PHI. Any organization that practices healthcare is considered a “covered entity.” More than 700,000 hospitals, emergency medical clinics, dental offices, nursing homes, and other health-related entities are required by law to ensure that all the physical, network, and security measures are in place to satisfy the requirements of HIPAA.
HIPAA Essential Rules:
- HITECH Act - Covers the electronic transfer of protected health information. It improves health care quality, safety, and efficiency through the promotion of health information technology. It supports the enforcement of HIPAA requirements by increasing the penalties for health organizations that violate HIPAA Privacy and Security.
- Privacy Rule - Implements standards that secure private patient data in the saving, accessing, and sharing of medical and personal files. This rule creates a balance that permits significant access to information, while protecting the privacy of people who seek healthcare.
- Security Rule - Specifically outlines national security standards to protect health data created, received, maintained or transmitted electronically. This rule requires appropriate administrative, physical, and technical safeguards to ensure the confidentiality, integrity, and security of the Electronic Protected Health Information (ePHI).
- Enforcement Rule - Enhances patients' rights, while strengthening the government’s ability to enforce the law. This rule contains provisions relating to compliance and investigations. It also enforces civil money penalties for violations of HIPAA. It allows one year to become compliant and requires proof of compliance.