The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
mandates standards for the way your organization sends data electronically,
seeks protections for the privacy and security of patient data, and establishes
uniform healthcare identifiers.
HIPAA is a series of federal regulations and it is important that you
understand what is expected of you within the workplace under these new federal
guidelines.
The Privacy Standard seeks to protect the privacy of information related to an
individual's health, treatment, or healthcare payment. The Privacy
Rule, which overlays the entire Administrative Simplification provision, has the
following requirements:
• Inform people of how their information is used;
• Give people access to information about them;
• Require health plans and providers to maintain administrative and physical
safeguards;
• Allow health information to be used and shared for treatment and payment of
health care;
• Allow disclosures for national priorities;
• Require written authorization for use and disclosure for all other purposes;
• Require NO disclosure except to the individual (and HHS for investigation
for enforcement).
Overview of Security Rule
The new Security Standard will provide a uniform level of protection of all
health information that is housed or transmitted electronically and that
pertains to an individual.
There are four main security provisions included in HIPAA:
• Administrative Procedures (security practices)
• Physical Safeguards (protection from intrusion)
• Technical Safeguards (which provide security over data at rest and in
transit).
The Security Rule applies not only to the transactions adopted under, but also
to all individual health information that is maintained or transmitted
electronically. Since the Security Standard does not require specific
technologies to be used, solutions will vary.