The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was designed to protect individuals' health information from inappropriate use. Protected health information includes past, present, or future payment for the provision of health care to an individual who identifies or could be used to identify the individual. Under HIPAA, employers who collect or access personal health information to provide employee benefits cannot use or disclose protected health information without consent or authorization from the individual. (Bennett-Alexander & Hartman, 2004, p. 731) Below are the most important points regarding HIPAA.
* The HIPAA was enacted by the U.S. Congress in 1996
* Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs
* Title II of HIPAA, the Administrative Simplification provisions (AS), requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers
* Title II also addresses the security and privacy of health data.
These standards are meant to improve the efficiency and effectiveness of the nation's health care system by encouraging the widespread use of electronic data interchange in the U.S. health care system
* The AS provisions are only applicable to covered entities which include health care providers which engage in electronic transactions, health plans, and health care clearinghouses.
* The HIPAA privacy provision took effect on April 14, 2003
* Individuals must be able to access their record and request correction of errors
* Individuals must be informed of how their personal information will be used
* Individuals protected health information (PHI) cannot be used for marketing purposes without the explicit consent of the involved individuals
* Individuals can ask covered entities which maintain PHI about them to take reasonable steps to ensure that...