1 / 8

Health Insurance Portability and Accountability Act ( HIPAA )

Health Insurance Portability and Accountability Act ( HIPAA ). Title I of HIPAA. Protects health insurance coverage for workers and their families when they change or lose their jobs. Limits restrictions that a group health plan can place on benefits for preexisting conditions.

kevina
Download Presentation

Health Insurance Portability and Accountability Act ( HIPAA )

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Health Insurance Portability and Accountability Act(HIPAA)

  2. Title I of HIPAA • Protects health insurance coverage for workers and their families when they change or lose their jobs. • Limits restrictions that a group health plan can place on benefits for preexisting conditions.

  3. Title II of HIPAA • Known as the Administrative Simplification (AS) provisions • Requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers • It helps people keep their information private

  4. Title 2 of HIPAA – cont’d • The HIPAA Privacy Rule regulates the use and disclosure of certain information • The transactions and code sets rule: After 2005, most medical providers that file electronically will have to file their electronic claims using the HIPAA standards in order to be paid. • Security Standards: • Administrative, • Physical, and • Technical

  5. Administrative Safeguards • Written privacy procedures • Designate a privacy officer for developing and implementing all required policies and procedures. • Management oversight and organizational buy-in to compliance with the documented security controls. • Clearly identify employees or classes of employees who will have access to electronic protected health information (EPHI). Access to EPHI must be restricted to only those employees who have a need for it to complete their job function. • Address access authorization, establishment, modification, and termination. • Appropriate ongoing training program. • In out-sourcing business processes to a third party , ensure the vendors also comply with HIPAA requirements. • A contingency for responding to emergencies. • Internal audits.

  6. Physical Safeguard • Control introduction and removal of hardware and software from the network. (When equipment is retired it must be disposed of properly to ensure that PHI is not compromised.) • Access to equipment containing health information should be carefully controlled and monitored. • Access to hardware and software must be limited to properly authorized individuals. • Required access controls consist of facility security plans, maintenance records, and visitor sign-in and escorts. • Policies are required to address proper workstation use. Workstations should be removed from high traffic areas and monitor screens should not be in direct view of the public. • If the covered entities utilize contractors or agents, they too must be fully trained on their physical access responsibilities

  7. Technical Safeguard • To protect communications containing PHI transmitted electronically over open networks from being intercepted by anyone other than the intended recipient. • When information flows over open networks, encryption must be utilized • Ensure data integrity • Ensure no unauthorized change or deletion • Authenticate entities it communicates with

  8. The Unique Identifiers Rule (National Provider Identifier) • Providers completing electronic transactions, healthcare clearinghouses, and large health plans, must use only the National Provider Identifier (NPI) • To identify covered healthcare providers in standard transactions • 10-digit identification number issued to health care providers • HIPAA 101

More Related