In light of the recent data breaches that have befallen many top-tier businesses, it’s only natural that protecting client data tops the agenda for many of today’s businesses, and this is especially true in the healthcare industry. Although HIPPA, commonly referred to as the Health Insurance Portability and Accountability Act, was signed into legislation in 1996, some healthcare providers were lax in maintaining compliance, and as a result, sensitive patient data was often compromised.
In 2009, however, things changed; the U.S. Congress passed the HITECH Act, legislation that served to expand the breadth and scope of HIPPA. With the passing of HITECH, healthcare companies that maliciously, or through their own naivete, violated HIPPA compliance were subject to being penalized. Some of those penalties included the following:
- 10 years in prison, based on culpability
- Fined $50,000 per violation, capping off at $1.5 million per year.
Essentially, Congress made it abundantly clear that ignorance of the law will no longer be a defense for companies that did not maintain compliance. In addition to the previously mentioned fines, the Health Insurance Portability and Accountability Act was ameliorated to include the following:
- Annual assessments
- Health record access
- Extending HIPPA laws to business associates
All of the amendments to HIPPA were aimed at providing patients with greater peace of mind, enabling them to concentrate on receiving the best medical care possible without the threat of their sensitive data falling into the hands of unscrupulous individuals. The remainder of this article will focus on distilling some of the complexities that are inherent to the Health Insurance Portability and Accountability Act. Additionally, we will work to shine a light on who is impacted the most with the passing of this new legislation.
WHO DOES HIPPA IMPACT?
Whether you’re a patient visiting a health care provider, or you’re the health care provider treating a patient, the Health Insurance Portability and Accountability Act will apply to you. The primary objective of this law revolves around the following key areas:
- Helping individuals who are self-insured by their employers
- Helping those who are insured through their employer’s group coverage or through unions
- Ensuring that patient health information is protected
SAVING MONEY THROUGH HIPPA
Regardless of what side of the equation you find yourself, HIPPA will play a critical role when it comes to storing, maintaining, or transmitting patient data. In fact, HIPPA’s premise is rooted in safeguarding patient information from fraudulent activity. As a byproduct, however, HIPPA can save providers billions of dollars every year through the implementation of improved data systems, which are required by providers to maintain compliance.
WHY YOU SHOULD BE WELL-VERSED IN HIPPA COMPLIANCE
As previously noted, HIPPA is riddled with complexities, but that is no excuse for not working within its parameter; regardless of the size of your organization, it is critical that you remain in compliance. This task can be made easy by familiarizing yourself with HIPPA’s privacy and security rules. That said, HIPPA directives have been known to change, and therefore, you and your organization must be prepared to embrace these changes and adopt them into your workflow. By staying abreast of these changes, you can avoid noncompliance penalties that would otherwise cause a strain on your business.
The same can be said for the healthcare consumer; for example, the Health Insurance Portability and Accountability Act allows patients access to their health records; providers can no longer deny you access this information, nor can they charge a fee for providing you with that information. Also, HIPPA law extends to third parties who are working in collaboration with your doctor’s office, which means that when you have to have blood work done, the labs are also required to be HIPPA compliant as an extension of their involvement with the doctor’s office. All in all, HIPPA is a win-win for all parties operating in the healthcare space.