The Health Insurance Portability and Accountability Act (HIPAA): is a regulation that mandates national standards and procedures for the storage, use, and transmission of personal medical information. Passed into law in 1996, HIPAA has caused a great deal of change in healthcare recordkeeping.
HIPAA covers three areas—confidentiality, privacy, and the security of patient records. It was implemented in several phases to make the transition easier.
Confidentiality and privacy of patient records has to be implemented by a set date, followed by security of patient records. Standards for transaction codes in medical record transmission had to be completed by a given date as well.
The penalties for HIPAA violations are very stiff; they can be as high as $250,000 based on the circumstances. Medical practices are required to appoint a security officer.
All related parties, such as billing agencies and medical records storage facilities, are required to comply with these regulations.
The Health Information Technology for Economics and Clinical Health (HITECH) Act promotes the adoption and meaningful use of health information technology.
Subtitle D of HITECH address the privacy and security concerns associated with the electronic transmission of health information through several provisions that strengthen the civil and criminal enforcement of the HIPAA rules.
NOTE: For more information on HIPAA, you can visit www.cms.hhs.gov/HIPAAGenInfo/.