Management Ideas

HIPAA - What is the Intent of the Security Standard?

What Is HIPAA

HIPAA is the acronym for the Health Insurance Portability and Accountability Act of 1996. HIPAA is the largest government action in healthcare since Medicare. In recognizing the need for a national patient record privacy standard, the federal government established this act with the primary purpose of improving health insurance accessibility for people changing employers or leaving the workforce. This federal legislation also provides provisions to encourage and protect health-related data, ensure privacy, and improve efficiency throughout the health care system. HIPAA consists of two standards: the security standard and privacy standard.

“The SECURITY STANDARD relates to the technical and physical protection of protected health information, which includes computer passwords, network firewalls, locked file cabinets and file rooms that contain patient records.”

—Massachusetts Medical Society Online Directory

WHAT IS THE INTENT OF THE SECURITY STANDARD?

- To secure all medical records and other individually identifiable health information used or disclosed, in any form (i.e. paper, oral or electronic communication).
- To improve patients' rights over both understanding and controlling how their health information is used.
- To require health care providers to give patients clear written explanations of how health information may be used.
- To allow patients to see and receive copies of all their records as well as a history of non-routine disclosures.
- To require patient consent before information is released.

“The PRIVACY STANDARD relates to the policies and procedures protecting patients’ health information, such as consent and authorization forms, privacy notices and business associated agreements.”

—Massachusetts Medical Society Online Directory

WHAT IS THE INTENT OF THE PRIVACY STANDARD?

- To provide information to patients about their privacy rights.
- To adopt written privacy procedures for staff and employees.
- To train employees on privacy procedures and designate a “privacy” officer within the organization.
- To secure patient records containing individual health information so they are not readily available to those who do not need them.

- Product Highlights -

Mayline Mobile Systems: Saves up to 75% of space required by conventional lateral files.

Mayline Rotary files: 8-tier unit provides 384 filing inches in just 7 square feet.

Welded, heavy-gauge steel cabinet construction.

WHAT ARE THE KEY ELEMENTS OF HIPAA?

- Security standards to protect and secure electronic, paper and oral communications.
- Privacy regulations to protect individuals' privacy rights in regard to health information.
- National standards for electronic transmissions of health care data.
- Standardization on establishing patient “identifiers” for employers and health providers.

WHO MUST COMPLY WITH HIPAA?

Almost everyone. As required by HIPAA, the final regulation covers health plans, health care clearinghouses, health care providers, physician offices, employers, public health authorities, life insurers, information systems vendors, service organizations, and universities: all who conduct certain financial and administrative transactions through paper, oral or electronic communications.

WHEN IS THE HIPAA COMPLIANCE DEADLINE?

April 14, 2007! The Final Rule published in August 2007 requires all physicians, health care providers, clinics, hospitals, health claim processors and any other parties providing treatment or claims processing to comply with privacy regulations by April 14th 2007.

WHO WILL BE ENFORCING THE HIPAA REGULATIONS?

The Department of Health and Human Services (DHHS). The DHHS will publish a final draft in early 2007 concerning the enforcement of HIPAA regulations. This publication will address the compliance provision and detail how it will be enforced and how penalties will be imposed.

WHAT ARE THE RAMIFICATIONS FOR NON-COMPLIANCE?

Civil and criminal penalties may be imposed for noncompliance. In addition, there may be fines that will not exceed $100 per violation per person or entity. The total amount imposed on any one person for a violation of any one requirement could reach $25,000 in a calendar year.

Criminal penalties and fines may be imposed if protected health information is used or disclosed with illegal intent.

Additional Product Resources We Recommend

Secure pouches from Secure Mailing Systems (SMS/Secure Mailing Systems) are inexpensive but they provide both security and cost savings. 

Securing Mail Carts: a new idea that has really taken hold and proved quite beneficial. Mail carts are usually left exposed when making deliveries. Concerned clients have used two strategies to secure the contents of carts. Lockable mail covers are inexpensive and can even protect packages during campus deliveries in poor weather. Fully enclosed mail carts, like the one shown above from Charnstrom, provide the greatest security and are a very good, long-term investment. We offer all Charnstrom products at discounted prices from their published catalog.

Lockable Mail Boxes, Sorters and Drop Boxes: Satellite mail centers are used as points of delivery for departments or as predefined locations on a floor.  In order to meet HIPAA guidelines, these sorters can be configured with lockable bins or plexiglass doors.   

Electronic Delivery of Incoming Mail: The "Scan & Deliver" concept has received quite a bit of attention in the last year or two. Scanning incoming documents is not a new concept and it can be used by organizations receiving standard client documents (i.e., insurance claims) or legal forms that need to be stored and processed for distribution. For more information on this very exciting concept, drop us a line.

Strapping bundles of mail or packages:  Bundling mail and accountable packages can be done quickly and inexpensively for transporting items securely. 

We will be glad to help your organization address many of the HIPAA requirements described in this brief article. We offer many unique and practical ways which can be implemented quickly and inexpensively. This article is in no way a legal document and clients are encouraged to consult with their corporate policy and legal departments. Feel free to send us an e-mail or give us a call.

Dag Gonzalez.

Copyright © 2007 Datamation Systems Inc.  Last modified: Tuesday January 08, 2008