Posts

complying with HIPAA regulations

HIPAA in a Nutshell

Learn more about the landmark Health Insurance Portability and Accountability Act (HIPAA), why it was enacted, and who it applies to. (Photo courtesy of pixabay)

The following guest post on the HIPAA law was submitted by Shae Holland.

HIPAA regulations represent a major transformation in the way healthcare organizations handle information regarding their patients. All patients should understand their rights, just as all healthcare facilities must know and conform to the privacy standards. Let’s examine the ins and outs of HIPAA regulations and what they mean for you.

What You Need to Know

HIPAA is an acronym that stands for the Health Information Portability and Protection Act. It was initially passed in 1996 and was the first protective act in the United States passed on behalf of patients’ personal information.

HIPAA was designed to ensure that your healthcare information is only accessed and shared with your permission, and only in the following contexts:

● Coordinating information about your care and treatment
● Providing information to your family, significant other, or friends who are directly involved in your treatment
● Assessing the quality of care provided by the doctor or healthcare facility in question
● Relaying any information requested by law enforcement agencies

The sharing of patients’ personal information in any other context is unlawful and can lead to heavy fines and even heavier settlements — sometimes heavy enough to force a noncompliant business or facility to close. (But more on that later.)

HIPAA regulates many other areas of the healthcare industry as well. Because we’re only covering the basics, we won’t go into detail about all of them. But HIPAA also regulates:

● Doctor and Patient Reimbursement
● Coding
● Security
● Care Management

Your Rights According to HIPAA

HIPAA gives you the ability to do any of the following:

● View the information listed in your health records
● Request corrections to information on said records
● Decide who can access and share your health information (and more importantly, who can’t)
● Require providers and other healthcare facilities to request permission to share your information for marketing and other non-treatment purposes

Is All of My Information Protected?

● Any information a doctor puts in your medical record
● Information stored within the computer system of your health insurer
● Billing information from your healthcare provider
● Conversations your doctor has with nurses or other physicians regarding your treatment or care

If at any time you feel that your privacy rights have been violated, HIPAA regulations allow you to file a complaint with Health and Human Services, or file a complaint directly against your insurer or provider.

Why HIPAA Compliance Is So Important

Failure to comply with HIPAA regulations can result in many negative consequences for a healthcare provider or even a small practice; these include both civil and criminal penalties. Fines can be extraordinarily hefty — in 2013, Advocate Health System of Downers Grove, IL, settled three claims of HIPAA violation for $5.55 million.

Who Has to Comply With HIPAA, and Who Doesn’t?

HIPAA does not apply to every healthcare provider, but it does apply to most of them. All healthcare workers must undergo some kind of training or education on HIPAA compliance.

Health Plans: Health insurance companies, company health plans, HMOs, and even certain programs provided by the government (Medicare, Medicaid) must follow HIPAA regulations.

Healthcare Providers: Any provider who conducts business electronically must comply with all recent regulations.

Clearinghouses: Entities that process non-standard patient information must follow these rules as well.

The following are a few of the groups who don’t need to comply with HIPAA regulations:

● Employers
● Workers Compensation Carriers
● Life Insurers
● School Districts
● Law Enforcement Agencies

Conclusion

For over two decades HIPAA has sought to improve the safety and accessibility of medical records. Compliance can be complicated and even annoying for healthcare providers and related businesses, but the benefits of additional personal information security are worth it. After all, it’s a healthcare provider’s job to protect their patients’ health; protecting their personal information and privacy is a natural addition to that duty.

Author bio:

Shae Holland is a professional copywriter with expertise on a range of topics. She’s passionate about healthy living, loves hunting, and adores her two springer spaniels.

protecting healthcare data

Healthcare Records: How to Protect Patients’ Sensitive Information

The explosion of sensitive healthcare data now available online means that data must be secured to protect patient privacy and advance data integrity.

The following guest post on protecting sensitive healthcare record data was submitted by Rachelle Wilber.

The Health Insurance Portability & Accountability Act (HIPAA) of 1996 requires that any entity that is privileged to collect or store sensitive patient healthcare information keep the information secured and protected against unauthorized access or use. A violation of the HIPAA law has serious implications for any healthcare practitioner or facility. By being vigilant and taking these action steps, you can help to protect the sensitive information of the patients who visit your healthcare facility.

Cloud Encryption

Cloud-based data storage and applications service providers are allowing healthcare organizations to use their own encryption keys. These keys are unique to your facility and your own information technology officers can create them. By using these customized encryption keys for data that your healthcare facility uploads to the cloud, you can reduce the risk of unauthorized users gaining access to usable information. If a hacker did get into your database, they would be unlikely to be able to break the encryption key.
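
One way to apply a facility-held key, shown as an added example that is not part of the original post: records are encrypted on the facility's side with AES-256-GCM before upload, so the cloud stores only ciphertext. The function names, the record ID format, and the sample record are hypothetical and constructed for illustration; key storage and rotation are out of scope here.

```javascript
// Added example: client-side encryption with a facility-held key (constructed data).
const { createCipheriv, createDecipheriv, randomBytes } = require('node:crypto');

// The facility generates and keeps this 256-bit key; it is never uploaded.
function generateFacilityKey() {
  return randomBytes(32);
}

// Encrypt one record with AES-256-GCM. The record ID is bound as additional
// authenticated data so a stored blob cannot be swapped between patients.
function encryptRecord(key, recordId, plaintext) {
  const iv = randomBytes(12); // fresh nonce per record; never reuse with the same key
  const cipher = createCipheriv('aes-256-gcm', key, iv);
  cipher.setAAD(Buffer.from(recordId, 'utf8'));
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return { recordId, iv, ciphertext, tag: cipher.getAuthTag() };
}

// Decrypt and verify. Throws if the key, record ID, or ciphertext does not match.
function decryptRecord(key, blob) {
  const decipher = createDecipheriv('aes-256-gcm', key, blob.iv);
  decipher.setAAD(Buffer.from(blob.recordId, 'utf8'));
  decipher.setAuthTag(blob.tag);
  return Buffer.concat([decipher.update(blob.ciphertext), decipher.final()]).toString('utf8');
}

// Returns true when decryption is refused (wrong key or altered blob).
function isRejected(key, blob) {
  try {
    decryptRecord(key, blob);
    return false;
  } catch (err) {
    return true;
  }
}

// Demo with a constructed record: what the cloud would hold is `uploaded`.
const facilityKey = generateFacilityKey();
const record = JSON.stringify({ patient: 'Jane Sample', note: 'constructed test record' });
const uploaded = encryptRecord(facilityKey, 'rec-0001', record);
console.log('round trip ok:', decryptRecord(facilityKey, uploaded) === record);
console.log('other key rejected:', isRejected(generateFacilityKey(), uploaded));
console.log('swapped record ID rejected:', isRejected(facilityKey, { ...uploaded, recordId: 'rec-0002' }));
```
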

Coding Sensitive Data

In addition to encrypting data, you can also code it as it is entered. For example, if a patient has HIV, that condition could be given a numeric code rather than the name of the virus. Only authorized users at your facility would know what the code means.

Healthcare Administration

When you are ready to further your healthcare career and learn more techniques on coding and encryption of sensitive data, consider enrolling in one of many healthcare administration master’s programs that many universities offer. These accredited programs help you to master all aspects of administration that are essential to running a productive, efficient and compliant doctor’s office, clinic or hospital. You will learn about data administration as well as coordination of services, billing, communications and data analysis.

Physical Security

The physical security of patient information is also important. If your facility uses or still has any paper medical charts, they should be kept under lock and key and signed in and out when they are used. Laptops, tablets and other electronic devices should be password-protected. The computers and tablets should also be locked and put away when they are not in use.

By employing these measures in your healthcare facility, you can protect the sensitive patient data that you collect. Maintaining the security of the data helps to keep you compliant with the law. These measures also show your patients that you care about and respect their rights to privacy.

Rachelle Wilber is a freelance writer living in the San Diego, California area. She graduated from San Diego State University with her Bachelor’s Degree in Journalism and Media Studies. She tries to find an interest in all topics and themes, which prompts her writing. When she isn’t on her porch writing in the sun, you can find her shopping, at the beach, or at the gym. Follow her on Twitter and Facebook: @RachelleWilber; https://www.facebook.com/profile.php?id=100009221637700