Wondering about HIPAA and how it factors into everyday medical practice? Here is a brief guide to what HIPAA is and what it means for healthcare facilities around the country.
The federal Health Insurance Portability and Accountability Act, commonly known as HIPAA, is a piece legislation first passed in 1996 that today is central to how healthcare facilities operate around the country. Its primary goals are to make it easier for people to keep health insurance, protect the security and confidentiality of private healthcare information, and help the healthcare industry control administrative costs.
HIPAA’s many dimensions
HIPAA is comprised of multiple titles or sections that each address a different aspect of health insurance reform. There are five titles total, the most commonly discussed titles being Title I and Title II.
Title I deals with portability, allowing individuals to carry their health insurance from one job to another in order to avoid a lapse in coverage. It also regulates the availability and breadth of group health plans and some individual health insurance policies.
Title II deals mainly with administrative simplification, establishing standards for receiving, transmitting, and storing healthcare information to ensure the privacy and security of personal identifiable information. In addition, this section outlines numerous potential violations relating to health care and sets penalties for these violations. Title II is where you’ll find the Privacy Rule, which regulates the use and disclosure of protected health information held by covered entities. The term “covered entities” generally refers to medical service providers, medical insurers, health care clearinghouses, and employer sponsored health plans.
Titles III through V are less commonly discussed, but they still have a tremendous impact on the healthcare industry. Title III standardizes how much a person can save in a pre-tax medical savings account; Title IV details conditions for group health plans that are to cover persons with pre-existing conditions; and Title V includes provisions relating to company-owned life insurance policies and treatment of individuals who lose US citizenship.
What HIPAA protects
HIPAA protects PHI, or protected health information, which is an individual’s health information and/or demographic information. Any information that, even without revealing a person’s name, reveals a person’s identity is considered PHI. Examples of PHI include names, birthdates, dates of receiving medical treatment, contact information, social security numbers, medical records numbers, photographs, and fingerprints. A health provider can only disclose PHI if that disclosure deals with treatment, payment, or operations—or if the information is mandated by law.