10 questions and answers about HIPAA law

HIPAA Law: What You Need to Know

1. What is HIPAA law?

2. Who is a covered entity?

3. How do I know if my business is considered a “covered entity”?

4. What qualifies as “Individually identifiable health information”?

5. Who is not required to follow HIPAA Privacy and Security Rules?

6. What are the most common HIPAA violations?

7. How is HIPAA law enforced?

8. How do you file a HIPAA complaint?

9. What is the penalty for a HIPAA violation?

10. How can I ensure my facility is HIPAA compliant?

1. What is HIPAA Law?

HIPAA is an acronym that stands for the Health Insurance Portability and Accountability Act. HIPAA law was enacted by the U.S. Congress in 1996 to address the security and privacy of health data. It was designed to provide privacy standards to protect patients’ medical records and other health information provided to health plans, doctors, hospitals and other health care providers. Developed by the Department of Health and Human Services (HHS), HIPAA standards give patients more control over how their personal health information (termed “individually identifiable health information”) is used and disclosed.

2. Who is a “Covered Entity”?

HIPAA law applies to “covered entities”, which include:

    • Health care providers
    • Health plans
    • Health care clearinghouses (such as billing services)

3. How do I know if my business is considered a “covered entity”?

You can download the HHS’ Covered Entity Charts to determine whether your organization qualifies as a “covered entity”.

4. What is “individually identifiable health information”?

“Individually identifiable health information” includes demographic data that relates to:

    • the patient’s past, present or future physical or mental health or condition
    • the provision of health care to the patient
    • the past, present, or future payment for the provision of health care to the patient
    • common identifiers (e.g., name, address, birth date, Social Security Number)

5. Who is not required to follow HIPAA Privacy and Security Rules?

Organizations that do not have to follow the Privacy and Security Rules include:

    • life insurers
    • employers (HIPAA does not protect your employment records even if the information in your records is health-related)
    • workers’ compensation carriers
    • schools and school districts
    • state agencies like child protective service agencies
    • law enforcement agencies
    • municipal offices

6. What are the most common HIPAA violations?

The 8 most common HIPAA violations can be found here.

7. How is HIPAA law enforced?

The HHS’ Office for Civil Rights (OCR) is responsible for enforcing HIPAA law. The OCR enforcement process can be found here.

8. How do you file a HIPAA complaint?

If a covered entity violates health information privacy rights or commits any other violation of HIPAA law, a complaint can be filed with OCR by mail, fax, email or electronically via the OCR Complaint Portal. Anyone can file a HIPAA complaint – a health care provider, patient, patient’s family member, etc.

9. What is the penalty for a HIPAA violation?

HIPAA violations result in fines that range between $100 and $50,000 per offense. However, a single organization can be fined no more than $1.5 million annually. In addition to these fines, the states’ attorneys general can pursue civil actions, and breaches affecting more than 500 patients must be reported to the news media.

10. How can I ensure my facility is HIPAA compliant?

If you want to ensure your business is HIPAA compliant, start here: 3 Steps to HIPAA Law Compliance

Have additional questions?

You can search the HHS.gov database of FAQs regarding HIPAA here.

Source: HHS.gov
