Published on September 12, 2022, Updated on September 12, 2022
The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that protects patient health information from dissemination without the patient’s consent or knowledge. HIPAA covers secure data privacy and enforces security measures to safeguard patient health data. HIPAA modernized the flow of medical information and addressed some restrictions on healthcare insurance in the United States. HIPAA lays forth the requirements for securing personal information gathered by the healthcare and healthcare insurance sectors against fraud and theft.
5 Titles of HIPAA?
HIPAA is divided into 5 titles.
- Title I (Health Care Access, Portability, and Renewability). Title I preserves health insurance for persons who have lost their employment or have changed jobs, including their families. Under this title, a person with a pre-existing medical condition cannot be denied access to health plans.
- Title II (Preventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform). Title II sets national standards for data security and privacy in electronic healthcare transactions.
- Title III (Tax-related health provisions governing medical savings accounts). Title III uniformizes the contribution that each person can make to a pre-tax medical savings account.
- Title IV (Application and enforcement of group health insurance requirements). Title IV explains the requirements for group health plans for people with pre-existing diseases and elaborates on health insurance reform.
- Title V (Revenue offset governing tax deductions for employers). Title V defines how non-US citizens should be treated, controls life insurance policies held by the corporation, and repeals the financial institution’s interest allocation guideline.
Entities Governed by HIPAA?
The bodies governed by HIPAA are persons and organizations that directly handle personal health information (PHI) and personal health records (PHR). These governed bodies additionally need to abide by the Health Information Technology for Economic and Clinical Health (HITECH) Act.
Entities governed by HIPAA include the following.
- Healthcare providers. Any healthcare provider who sends information electronically, such as claims, questions about insurance eligibility, and requests for referral permission.
- Health plans providers. HMOs, long-term care insurance, and employer-sponsored group health plan providers are covered by HIPAA.
- Healthcare clearinghouses. These are entities that process non-standard data received from another entity into a standard and vice versa.
- Business associates. These include claims processing, data analysis, billing, and utilization review.
Samples of HIPAA Violations?
The following are common examples HIPAA violations.
- Stolen electronics containing PHI or PHR
- Employees disclosing patient information
- Unauthorized accessing of PHI or PHR
- PHR mishandling
- Use of PHI or PHR to commit fraud
- Improper disposal of records
- Insufficient employee training