HIPAA is the Health Insurance Portability and Accountability Act which was accepted on August 21nd, 1996. It was approved by the US Congress and signed by President Bill Clinton primarily to update the flow of medical information and to predict how personal information stored in medical institutions and medical insurance companies should be protected from fraud and theft as well as to refer on restrictions for medical insurance. It was also known as the Kennedy – Kassebaum Act or Kassebaum – Kennedy Act upon the names of its leading lobbyists.
The act consists of five sections:
- HIPAA protects health insurance for workers and their families when they are transferred, released or lose their jobs.
- Section II of HIPAA, known as the administrative simplification clause, requires the creation of national standards for electronic health care transactions and national identifiers for providers of health insurance plans and employers.
- HIPAA establishes guidelines for accounting for medical expenses prior to taxation.
- HIPAA establishes guidelines for group health insurance plans.
- HIPAA regulates company-owned insurance policies.
Basically, HIPAA embodies the list of rights an individual has when entering a health care establishment.
- Only you or your personal representative have a right to access your records. A health care provider may send copies of your documents to another provider or medical plan only if needed for treatment or payment with your permission.
- You can choose a personal representative who may have access to your medical records.
- In case of a court order, a medical professional can submit your medical records.
HIPAA ComplianceClosed organizations and business partners are two sections expected to comply with HIPAA requirements and follow HIPAA rules.
- Provider of medical services – doctors, clinics, pharmacies, etc.
- Medical insurance plan – health insurance companies, HMOs, company health plans, etc.
- Health Information Center. This includes organizations that process non-standard health information they receive from another person into standard (standard electronic format or data content) or vice versa.
- This is an organization or staff whose services are being used by business partners, and this leads to the disclosure of patient health information (PHI).
- HIPAA Compliance directs connected companies and business partners to protect the confidentiality and security of patient information at all times. If they do not – they will face responsibility in accordance with federal law. In addition, they must grant a person all rights he possesses in the framework of HIPAA. Closed parties should have a written and binding contract with business partners, declaring full confidentiality of patient information.