| The Health Insurance Portability and Accountability Act (HIPAA) of 1996 brings significant change to the legal and regulatory environments that govern the provision of health benefits, the delivery and payment of healthcare services, and the security and confidentiality of individually identifiable protected health information. HIPAA makes it easier for individuals and small businesses to get and keep health insurance. To reduce the cost of health insurance, HIPAA also includes an administrative simplification section to encourage electronic transactions. Due to the electronic transactions, HIPAA also has a host of new regulations to assure the security and privacy of electronically stored medical data. HIPAA provisions are imposed upon group health plans and issuers. Eligibility for an individual's enrollment in a group health plan is determined according to the terms of the health plan and the rules of the issuer, but not according to an individual's health status or that of an individual's dependent. These rules and terms must comply with all applicable State laws. To be compliant, a healthcare practice must implement procedures to provide patients access to their medical information including providing copies at their request, an ability to make amendments their records, and accountings of any and all disclosures made of their medical information for any use other than treatment, payment, and firm operations Each practice must notify each patient of these rights with a "Notice of Privacy Practices." This notice must include the patient’s rights, the practice's HIPAA policies, and the address of where to complain. What’s the risk for non-compliance? Fines, penalties and possible jail time. - OR - |