HIPAA

The health care industry and its respective insurance processes are complicated endeavors that have access to very private and confidential information. During the 1990's, a growing population of aging Americans were living longer while also becoming patients in the healthcare system. This combined to create mountains of paperwork. In an effort to make the exchange of medical information more standardized, the Health Insurance Portability and Accountability Act (HIPAA) was created in 1996 by the U.S. Department of Health and Human Services (DHHS). It was designed to make healthcare more efficient and effective.

What HIPAA Does

Protecting patient privacy is a time honored tradition among healthcare practitioners, but the legal protection offered to individuals in guarding their privacy was unorganized and inconsistent prior to 1996.

HIPAA was a Federal law intended to accomplish three main goals. First, it set national standards for conducting health care transactions electronically. Different hospitals, clinics, and insurance providers were all using differing forms with information placed in different locations. This became confusing to patients, but also to the employees working in these fields. Such differences contributed to excessive paperwork and lengthy processing. HIPAA standardized these documents to make them compatible between different health care services.

Secondly, Congress recognized that the electronic conveyance of medical information could compromise an individual's privacy. Thus, HIPAA gave patients greater protection and control over their medical records, granted them greater access to their medical records, and limited the amount of information providers could reasonably disclose. Lastly, it made health insurance more transferable, or increased its portability, between insurance providers when individuals changed jobs.

Changes in HIPAA Regulations

The HIPAA privacy rule went into effect on April 14, 2003. These modifications were designed to strongly protect how health care entities could relay Protected Health Information (PHI). This information is regarded as data that might be transmitted via electronic, paper, or oral mediums in such a manner that it could potentially identify a patient to an outside individual. The Privacy Rule was geared towards health plans, health clearinghouses, and health care providers to set stricter boundaries on how information could be released.

How HIPAA affect Physicians

HIPAA requires physicians and other healthcare practitioners to protect the privacy of their patients' medical information. They can not use any identifying information when discussing a patient's case with a peer or student. Physicians are also required to grant patients specific types of access to their medical information in order to copy or amend medical charts, and to request details of accounting procedures. Hospitals, physicians, and other health care environments are also required to have their staff trained on HIPAA regulations and must implement certain administrative policies. Failure to comply with HIPAA standards can result in civil and criminal penalties.

By Doug Vanisky