|
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was established by Congress with these core elements and implementation dates:
- Privacy Rule - April 14, 2003
- Transactions and Code Sets Rule - October 16, 2003
- Security Rule - April 21, 2005
HIPAA is designed to better protect medical information by giving individuals more control over how their information may be used. The Law contains civil and criminal penalties for wrongful use or disclosure of this Protected Health Information. As a result, most health care providers and their Business Associates have to modify their business practices. Health care professionals and organizations impacted by HIPAA must implement, monitor, and demonstrate to the U. S. Department of Health and Human Services their compliance with each of the HIPAA Rules' requirements:
Privacy - Name a Privacy Officer, post a Notice of Privacy Practices, develop Privacy Policies and Procedures, train workforce members, enter into Business Associate Agreements, track and account for all disclosures of health information, and correct any deficiencies.
Transactions and Code Sets - Assure that electronic systems and services meet HIPAA standards.
|
