10. Health In surance Portability and Accountability Act (HIPPA)
The Health Insurance Portability and Accountability Act of 1996 is a United States federal statute enacted by the 104th United States Congress and signed into law by President Bill Clinton on August 21, 1996. It modernized the flow of healthcare information, stipulated how personally identifiable information maintained by the healthcare and healthcare insurance industries should be protected from fraud and theft, and addressed some limitations on healthcare insurance coverage. It generally prohibits healthcare providers and businesses, called covered entities, from disclosing protected information to anyone other than a patient and the patient’s authorized representatives without their consent. However, it does not prohibit patients from voluntarily sharing their health information however they choose, nor does it require confidentiality where a patient discloses medical information to family members, friends, or other individuals not a part of a covered entity.
The act consists of five titles:
Title I: protects health insurance coverage for workers and their families when they change or lose their jobs.
Title II: known as the Administrative Simplification (AS) provisions, requires establishing national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.
Title III: sets guidelines for pre-tax medical spending accounts.
Title IV: sets guidelines for group health plans.
Title V: governs company-owned life insurance policies.
Cybermatic team of experts with knowledge and healthcare industry experience can help and accompany your organization on this journey to safeguard your customer’s Protected Health Information (PHI) by providing the below services:
- HIPAA privacy and security policies: Developing required HIPAA privacy and security policies as defined by the regulation. [Service 5]
- HIPAA Readiness Assessment: Conducting readiness analysis and assessment to identify the required HIPAA control gaps and providing detailed resolutions and recommendations.