Friday, April 23, 2010

HIPAA - Overview of HIPAA's goals

HIPAA stands for the United States Health Insurance Portability and Accountability Act. HIPAA is a set of standards introduced by Congress in 1996 that aim to protect the privacy of patient information in the healthcare industry by regulating how providers handle patient data while conducting business. HIPAA also ensures the continuity of individuals' healthcare coverage.

HIPAA created a set of universal standards for exchanging and securing personal data via electronic data interchange (EDI). The goal of HIPAA is to protect all data that is personally identifiable to a specific person, regardless if it is communicated orally, electronically or in writing.

There are two sections to the standard:
1) HIPAA Title I: Protecting citizens' healthcare coverage if they are fired or laid off
2) HIPAA Title II: Patients' rights and how to properly transmit, share and store their information.

The HIPAA privacy rule
All healthcare providers or any organization that processes medical records must inform patients of their privacy rights. They are required to educate and train staff on how medical data should be properly handled. They must also implement and practice the required privacy and security policies in order to ensure that electronic health information of patients remain secure.

HIPAA Fines
In the late 90's HIPAA fines and penalties for non-compliance were not often issued.
Because of this organizations assumed HIPAA compliance was discretionary. This is not true!

Recently, several organizations have received more then a slap on the wrist in the form of hefty HIPAA-related fines for bad practices, causing many healthcare organizations to rethink their lagging efforts in implementing and enforcing HIPAA policies. I will cover some of these instances under a different entry!

Jamie"s MOTTO.....

Don't follow the path that is already there....go instead where there is no path....and leave a trail....

This trail is a part of a long journey .....