HIPAA covers healthcare providers such as doctors, psychologists, pharmacies, and clinics requiring them to act appropriately when handling patient’s healthcare information.
Health Insurance Portability and Accountability Act
The passage of the Health Insurance Portability and Accountability Act (HIPAA) of 1996 was noteworthy because of its impact on the healthcare industry. The Simplification rules dictate rights on healthcare information and under which terms it can be disclosed. According to the Privacy rule, an individual must always provide consent before his or her health information, such as medical records, can be shared with anyone. Individuals are allowed to request changes to their information, as well as ask for records of disclosure.
Under HIPAA, a covered entity (CE) is a healthcare provider (doctors, psychologists, pharmacies, clinics, etc.) who transmits information electronically. These people must take care to keep health information protected and private. Close to 30,000 complaints were accumulated from July 2003 to the end of August 2007, but there were no clear repercussions for the violations, giving the impression that the rules were simply for show.
In 2009, The American Recovery and Reinvestment Act (ARRA) created a penalty system to be used in the case of HIPAA violations. The Secretary of the Department of Health and Human Services (HHS) assesses the violation and its aftermath before determining what penalty the violator will face. If it’s not a case of willful neglect, the violator has a period of 30 days during which they have a chance to correct the violation.
Author: Apoorva Anupindi