1 / 16

Health Insurance Portability and Accountability Act

Health Insurance Portability and Accountability Act. HIPAA. Riley Davis. Brief History. delivered in Congress in 1996 designed to protect health insurance coverage for workers and their families while between jobs  establishes standards for electronic health care transactions

wyome
Download Presentation

Health Insurance Portability and Accountability Act

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Health Insurance Portability and Accountability Act HIPAA Riley Davis

  2. Brief History • delivered in Congress in 1996 • designed to protect health insurance coverage for workers and their families while between jobs •  establishes standards for electronic health care transactions • addresses the issues of privacy and security • in 1996 consisted of just Title I and II

  3. Title IHealth Care Access, Portability, and Renewability • limits restrictions a group health plan can place on benefits for preexisting conditions • regulates coverage and availability to groups and individuals • eradicates hidden exclusion periods

  4. Title IIPreventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform • defines health care related offenses • outlines consequences • civil and criminal penalties • creates several programs to control fraud and abuse • demands the HHS create rules/regulations • use and advertising/sharing of PHI (Protected Health Info.) • 5 “Rules”

  5. PHI: • Any information held about health status, provision of healthcare, payment of healthcare, that can be linked to any individual • Any part of medical record or payment history

  6. Privacy Rule • Creates regulations for use/disclosure of PHI • Holders must disclose PHI within 30 days upon request by individual • Keep track of disclosures and document privacy policy and procedures

  7. Transactions and Code Sets Rule • Regulates how medical providers submit health care claims • Covers claiming injury and pharmaceuticals, as well as advice, enrollment and maintenance, eligibility/benefits, hoe claims are handled, and how/when notifications are sent out

  8. Security Rule • Deals specifically with Electronic Protected Health Information (ePHI) • Organized into 3 safeguards • Identifies security standards • Separates “required” and “addressable” standards • All required must be adopted

  9. Three Safeguards • Administrative Safeguard • Policies and procedures designed to lay out how holders will comply with act • Physical Safeguard • Controlling physical access to ePHI • Technical Safeguard • Control access to computer systems • Safeguard standards against hacks/interception of ePHI

  10. NPI: National Provider Identifier • 10 digits (may be alphanumeric) • Doesn’t mean anything other than an identity • Unique, never re-used • Holder can only have one

  11. Unique Identifiers Rule • All PHI holders using electronic communication must use a single NPI • NPI replaces all other identifiers

  12. Enforcement Rule • Defines civil penalties for violating HIPAA • Establishes procedures for investigations and hearings

  13. Effects: Research • Large decrease in patient follow up • Harder to recruit patients for studies • Information Consent Forms are required to go into copious amounts of detail on privacy

  14. Effects: Engineering • Changes how devices collect/store/share info • For every old/new device BMEs must consider • Type of ePHI • How has access • Who really needs access • Connections to other devices • Types of security • Physical • Technical • Types of equipment effected: • ventilators, ECG’s, MRI, CT Scanners, ultra sound, monitoring systems, etc.

  15. Citations Armstrong D, Kline-Rogers E, Jani S, Goldman E, Fang J, Mukherjee D, Nallamothu B, Eagle K (2005). "Potential impact of the HIPAA privacy rule on data collection in a registry of patients with acute coronary syndrome". Arch Intern Med165 (10): 1125–9. doi:10.1001/archinte.165.10.1125. PMID 15911725. Francis, T. (2006). Spread of records stirs fears of privacy erosion. The Wall Street Journal Grimes, S. (2001). When hipaa finally comes, will clinical engineering be ready?. The National Center for Biotechnology Information, Retrieved from http://www.ncbi.nlm.nih.gov/pubmed/11383309Title II: Grimes, S. (2003). The future of clinical engineering: the challenge of change. Manuscript submitted for publication, University of Rhode Island, Kingston, Rhode Island. Retrieved from http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=1195702&tag=1 HSS.gov. (n.d.). U.s. department of health & human services. Retrieved from http://www.hhs.gov/ocr/privacy/index.html Tribble, D. (2001). The health insurance portability and accountability act: security and privacy requirements. American Journal of Health-System Pharmacy, 58(9), Retrieved from http://www.ajhp.org/cgi/content/abstract/58/9/763

  16. Questions?

More Related