The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is designed to reduce the incidence of fraud and abuse in the health care system. Its privacy regulations address the confidential handling of patient health information. Its portability clauses address the ability of working Americans to transfer health insurance coverage should they change or lose their job.
Understanding HIPAA guidelines
The law prescribes specific policies regarding the handling and transmission of patient information. Primary care physicians and other physicians in private practice must understand what these steps are, and then implement the requisite internal policies and practices, so that they are compliant.
Privacy and Security
Under the HIPAA privacy requirements, patient information held by organizations that adhere to HIPAA guidelines is considered protected health information (PHI). This refers to medical records held in both paper and electronic forms.
In order to keep this information secure, medical practices have to establish several technical and physical safeguards. Staff members must be suitably trained in these policies, so that health records are not improperly disclosed. Access to these records should be limited, so that they can only be retrieved by authorized personnel.
Physicians must also encrypt patient information, so that in the event of theft or loss, it cannot be opened and read. While health information can be shared with service providers, this must be done within the confines of the law. Information may also be shared for treatment purposes.
HIPAA Compliance Plans
Medical practices are advised to seek relevant expertise when designing HIPAA compliance plans. This is one area in which the attorneys at Nelson Hardiman, Los Angeles, CA have been advising clients for several years. We also provide workforce training, and breach assessment and notification. Contact us today at 310-203-2800.