hipaa

The Health Insurance Portability and Accountability Act (HIPAA) is a United States federal law that ensures data privacy and enforces security measures to protect patient health information from disclosure without due consent or knowledge from the patient. HIPAA addressed some limitations on healthcare insurance in the U.S. and modernized the flow of healthcare information. HIPAA also specifies how personal data obtained by the healthcare and healthcare insurance industries should be safeguarded against theft and fraud.

What are the Five Titles of HIPAA?

HIPAA is divided into 5 titles.

  1. Title I (Health Care Access, Portability, and Renewability)- protects health insurance for people, including their families, who have lost or changed their jobs. Health plans cannot be withheld from a person with pre-existing medical conditions under this title.
  2. Title II (Preventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform)- implements national standards for electronic healthcare transactions which cover data privacy and security.
  3. Title III (Tax-related health provisions governing medical savings accounts)- uniformizes the amount each individual may save in a pre-tax medical savings account.
  4. Title IV (Application and enforcement of group health insurance requirements)- expounds on health insurance reform and details conditions for group health plans for those with pre-existing conditions.
  5. Title V (Revenue offset governing tax deductions for employers)- regulates life insurance policies held by the company and outlines how non-citizens of the United States should be treated and repeals the financial institution’s interest allocation rule.

What Entities are Covered by HIPAA?

Entities covered by HIPAA include individuals and organizations directly handling personal health information (PHI) and personal health records (PHRs) and are additionally mandated to follow the HITECH (Health Information Technology for Economic and Clinical Health) Act.

Entities covered by HIPAA are below.

  • Healthcare providers- any healthcare provider electronically transmitting information such as claims, benefit eligibility inquiries, and referral authorization requests.
  • Health plan providers- includes HMOs, long-term care insurers, and employer-sponsored group health plans.
  • Healthcare clearinghouses- entities processing non-standard data received from another entity into a standard and vice versa.
  • Business associates- include claims processing, data analysis, billing, and utilization review.

TechWaste Recycling uses the most up-to-date technology to erase and destroy medical equipment securely in accordance with HIPAA standards.

What are Examples of HIPAA Violations?

Examples of common HIPAA violations are the following.

  • Employees disclosing patient information
  • Stolen electronics containing PHI or PHR
  • Insufficient employee training
  • PHR mishandling
  • Unauthorized accessing of PHI or PHR
  • Use of PHI or PHR to commit fraud
  • Improper disposal of records

Related Terms: