Today we will be discussing the Health Insurance Portability and Accountability Act of 1996 or HIPAA. As some or most of you may know HIPAA was enacted by the federal government in 1996 and by definition is a federal law that mandates insurance portability and sets up procedures for electronic data exchange (Austin & Wetle, 2012). This law’s purpose is to protect patients privacy, none of a Patient’s Health Information (PHI) is to be used or released without the patient’s consent. HIPAA is superior to state laws, so that no matter where the patient lives they are protected.
The only time HIPAA is not superior to state law is if the state law has a higher standard, as in keeping an account of disclosures for eight years rather than the six required by HIPAA law we would follow the state law in this case. Key factors that all health care employees should know about HIPAA are as follows. Who is covered by HIPPA? Health care providers, clearinghouses, and health plans that are compelled to protect PHI for oral, paper, and electronic communications (Harman, 2005) are all covered by HIPAA.
Another key factor about HIPAA is, knowing what information is protected and what is ok to be disclosed. PHI is not to be disclosed unless the patient gives their consent, anything with personal identifiers is off limits, demographic data, past, present and future health conditions, provisions of care and past, present, or future payment information (U. S. Department of Health & Human Services, n. d. ) are all protected. Information that can be disclosed is called de-identified health information, information without any identifying factors.
The only required PHI disclosures are to the patient if they request it. If a facility fails to abide by the laws they will be fined. Any person who obtains or discloses identifiable PHI can face a criminal penalty of up to $50,000 and up to one year in prison (U. S. Department of Health & Human Services, n. d. ) the person will likely be terminated from their position as well.
These regulations effect the management of employees, patients, resources, and ealth care because everyone needs to be trained in HIPAA practices and know the laws and regulations. Patients need to understand and sign consent forms and be made aware of what their rights are through the policy. One could say HIPPA makes for more paperwork; however it is crucial to protect our patient’s privacy and the relationship with our outside resources. Once completely understood by all of the staff, and patients everyone will understand how valuable HIPAA really is.