 HIPAA"
is an acronym for the Health Insurance Portability & Accountability Act of
1996 (August 21), Public Law 104-191, which amended the Internal Revenue
Service Code of 1986. Also known as the Kennedy-Kassebaum Act, the Act includes
a section, Title II, entitled Administrative Simplification, requiring: |
|
|
Improved efficiency in healthcare delivery by
standardizing electronic data interchange, and
|
|
|
Protection of confidentiality and security of health data through setting and
enforcing standards.
|
|
|
More specifically, HIPAA called upon the Department of Health and Human
Services (HHS) to publish new rules that will ensure:
|
|
|
Standardization of electronic patient health, administrative and financial data
|
|
|
Unique health identifiers for individuals, employers, health plans and health
care providers
|
|
|
Security standards protecting the confidentiality and integrity of
"individually identifiable health information," past, present or future.
|
|
|
The bottom line: sweeping changes in most healthcare transaction and
administrative information systems.
|
|
| Virtually
all healthcare organizations – including all health care providers, health
plans, public health authorities, healthcare clearinghouses, and self-ensured
employers – as well as life insurers, information systems vendors, various
service organizations, and universities are affected by the new HIPAA
regulations |
| HIPAA
Compliance requirements include: |
|
|
Building initial organizational awareness of HIPAA
|
|
|
Comprehensive assessment of the organization's privacy practices, information
security systems and procedures, and use of electronic transactions
|
|
|
Developing an action plan for compliance with each rule
|
|
|
Developing a technical and management infrastructure to implement the plans
|
|
|
Implementing a comprehensive implementation action plan, including :
|
|
|
Developing new policies, processes, and procedures to ensure privacy, security
and patients' rights
|
|
|
Building business associate agreements with business partners to support HIPAA
objectives
|
|
|
Developing a secure technical and physical information infrastructure
|
|
|
Updating information systems to safeguard protected health information (PHI)
and enable use of standard claims and related transactions
|
|
|
Training of all workforce members
|
|
|
Developing and maintaining an internal privacy and security management and
enforcement infrastructure, including providing a Privacy Officer and a
Security Officer
|
|
| Our products
, all of them are HIPAA compliant.PRIMEWEB has 128 bit encryption. |