Health Insurance Portability and Accountability Act

Health Insurance Portability and Accountability Act

Introduction

There are several human resource issues that are wide spread throughout different work forces, but one that is unique only to the medical field is H.I.P.A.A., the Health Insurance Portability and Accountability Act Privacy and Security rule. The HIPAA Privacy rule protects the privacy of an individual's personal health information and provides federal protection for personal information and only permits the disclosure of personal information needed for patient care and other important issues. The HIPAA Security rule sets a national standard for the security of health information through a series of administrative, physical and technical safeguards for covered entities to ensure the confidentiality of an individual's health information. HIPAA provides several rights to a patient in regards to personal information (Torras, 2003).

Every health care provider who transmits health information is a covered entity, regardless of size. Health care transactions health providers may be a part of include claims, benefit eligibility inquiries, or referral authorization requests. The Privacy rule convers health care providers whether they electronically transmit transactions directly, or uses a billing service or third party to do so on its behalf.  The U.S. Department of Health and Human Services mandated that entities develop specific transaction standards, including code sets, security and electronic signatures and unique identifiers for employers, health plans, and health care providers. All of these mandations are in place to protect patient privacy and preserve quality health care. Prior to the start of Jamie's second year of pharmacy school the students were once again required to take an online course on HIPAA, which was formatted similar to the previous year, with quizzes at the end of each section. Jamie said it was a nice refresher to take that course again because it reinforces the importance of HIPAA and builds on her currently knowledge of how to she'll be exposed these regulations on a daily basis as a pharmacist (Austin, 2002). 

Discussion

Today these audits are performed by KPMG under an almost $10 million contract with the Office of Civil Rights (OCR). As a reminder, HIPAA regulations require that health care providers perform periodic evaluation and updating of their own policies, procedures and safeguards with regard to the privacy and security of patient health information.

Providers should actively review their internal policies and practices, both in preparation for what may come in terms of audits, and because it is a wise and prudent measure for protection of their organization in this ever-litigious society. Still on the horizon but not here yet is the pending finalization of HITECH Act regulations that will amend the HIPAA privacy, security and enforcement regulations. The Department of Health and Human Services issued its Notice of Proposed Rule in July 2010, which is the initial step in finalizing regulations that could eventually be published and enacted. With an extensive commentary response the final decision was delayed in 2011 but is expected to occur by the end of 2012. The amendments to HIPAA, if adopted, essentially put real teeth ...