Understanding HIPAA

Laws for the secure and private transfer of individuals’ medical information.

The nearly instantaneous flow of information is a defining feature of the information age. Many leading companies have set a benchmark by building flexible and effective new technologies into their business plans, and only recently have many small businesses been able to get ahead of this trend and implement their own solutions. While it’s true that some companies use this technology better than others, with regard to healthcare information the seamless flow of information can literally be the difference between life and death.

In August of 1996, United States President Bill Clinton, in an effort to promote the secure transfer of patient information, signed into law the Health Insurance Portability and Accountability Act (HIPAA). At that time, HIPAA stated that the Secretary of Health and Human Services (HHS) had to publicize official standards for the electronic exchange, privacy, and security of health-related information. It also stated that the Secretary of HHS had the responsibility of issuing regulations if the U.S. Congress didn’t enact privacy and security standards by 1999. Three years later, HHS unveiled the official rules.

Table of Contents

- HIPAA Privacy Rule
- HIPAA Security Rule
- Electronic Transaction & Code Sets Standards
- National Identifier Requirements
- Enforcement & Penalties

HIPAA Privacy Rule

The HIPAA Privacy Rule, or the Standards for Privacy of Individually Identifiable Health Information, established protocols for many healthcare providers regarding who has access to patient information. The Privacy Rule applies to health plans, healthcare agencies, and any healthcare provider that transmits patient information electronically. Individual and group medical plans that provide or pay the cost of medical care are covered by HIPAA.
These plans include health, dental, vision, and prescription drug insurers, health maintenance organizations (HMOs), Medicare, Medicaid, and other healthcare insurance providers.

The following information is protected under HIPAA’s Privacy Rule:

- An individual’s complete history of their physical and mental health conditions.
- The treatment or provision the individual has access to.
- An individual’s payment information for said healthcare.

The Privacy Rule is administered by the Office for Civil Rights.

HIPAA Security Rule

The more seamless the transfer of data is, the better it works for business. Unfortunately, there are entities looking for opportunities to intercept this information for their own, often nefarious, purposes. Nowhere is data more personal than in the healthcare industry. HIPAA’s Security Rule, or Security Standards for the Protection of Electronic Protected Health Information, specifies a series of administrative, physical, and technical safeguards for covered parties to guarantee the integrity, real-time availability, and confidentiality of protected electronic healthcare information. The Security Rule is administered by the Centers for Medicare and Medicaid Services (CMS).

Electronic Transaction & Code Sets Standards

The standardization of electronic transactions is important for the efficiency of the care provided to patients. Under the standardization rules set forth by HIPAA, each healthcare provider has to adhere to the same set of protocols as other providers, so that transferred financial and medical information is easily deciphered by the healthcare provider receiving it. HIPAA sets a standard and the operating rules for electronic funds transfer (EFT), electronic remittance advice (ERA), and attachments for claims. This section of HIPAA is administered by the Centers for Medicare and Medicaid Services.

National Identifier Requirements

As a part of the …