Understanding HIPAA Privacy and HIPAA Security
Unlike earlier times, we now see an increased number of regulations and security standards implemented by the government to ensure information security and privacy. HIPAA or the ‘Health Insurance Portability and Accountability Act’ of 1996 was issued to address the security and privacy concerns in the healthcare industry. This act has two sections referred to as Title I and Title II. Title I deals with healthcare access, portability and renewability while Title II also known as the Administrative Simplification (AS) provisions,deals with medical liability reform and measures and civil and criminal penaltiesto prevent health care fraud and abuse.
The objective behind the drafting of the Administrative Simplification provisionsis to improve the efficiency of the health care system by setting up rules and guidelines regarding the use and disclosure of healthcare information. The Administrative Simplification provisions consist of five rules namely, the Privacy Rule, the Transactions and Code Sets Rule, the IT security and compliance Rule, the Unique Identifiers Rule, and the Enforcement Rule.These rules are applicable to covered entities and their business associates. Employer sponsored health plans, health insurers, health care clearinghouses, and certain health care providers are grouped under covered entities while business associates refer to those persons and businesses whose services are used by the covered entities.
The Privacy Rule
The HIPAA privacy rule deals with the rules and standards that need to be implemented to ensure the confidentiality of Protected Health Information (PHI), which includes details such as health status, medical record, payment history and so on.
Covered entities are therefore mandated to:
In the second part of this article, we will delve in to the security aspects of HIPAA. With the drafting of HIPAA, healthcare industry witnessed rapid changes in the handling of PHI. HIPAA compliance definitely is a right step in the right direction. Read on - Hitech compliance, ISO compliance