|
What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a sweeping set of regulations that protect the privacy and security of individual patient and health plan member records. HIPAA’s Administrative Simplification provisions are divided into three sections: Transactions, Privacy and Security.
The Transactions regulations govern the transmission of data between healthcare providers, payers and others within the healthcare system. Most small to mid-sized businesses are not directly responsible for administering their compliance with these regulations, instead delegating that to their insurance carrier or third party administrator.
HIPAA Privacy regulations govern the handling of patient and health plan member records containing protected health information. Protected health information, or PHI, is any individually identifiable information related to the provision of or payment for health services. For many small to mid-sized businesses this includes the amount a specific employee pays for premiums, as well as family status, enrollment status and any flexible spending account activity. Protecting this data from misuse is paramount under HIPAA. Under virtually no circumstances may an employer use data obtained by the health plan (including premium amounts and family status) to make employment related decisions. To adequately comply with the provisions of these regulations requires employers to have policies and procedures in place to more effectively administer activity related to this kind of information.
HIPAA Security regulations control the handling of electronic protected health information (PHI). Many small to mid-sized companies don’t understand the degree to which they may hold electronic PHI in spreadsheets, on-line HR systems or through third party websites that store individual enrollment or claims data. The regulations govern such activities as data backups, firewalls, virus protection, access controls and many others. The good news is that most companies have a significant head start on compliance through their normal information systems procedures.
Complying with HIPAA is easy – if you know what you need to do and have the tools available to do it. The HIPAANow! Choice toolkit provides step-by-step instruction and over 60 forms, policies, procedures and other documentation to demonstrate your compliance with HIPAA.
|
 |
