10 November 2018
HIPAA Confidentiality is something that anyone involved in the medical field needs to understand. Healthcare workers need to understand each part of the Health Insurance Portability and Accountability Act and abide by it. HIPAA involves providing confidentiality and protection of the patient’s health information and allowing the patient to retain health coverage or portability. It is a law that must be followed or there are penalties for breaking it. HIPAA is a major function in all aspects of the healthcare field and needs to be taken seriously by anyone working in that field of study.
President Bill Clinton signed HIPAA into law in 1996. The act was created to not only protect a person’s health insurance information but also allow the portability of the coverage to go with the person to a new job. Prior to HIPAA, there was not a “set of security standards or general requirements for protecting health information” (HHS, 2013) within the healthcare field. With technological advances taking place, new rules needed to be in place to protect personal health information. The use of computers to process claims, access health information across state lines, and eliminate the need for numerous papers were also reasons HIPAA was needed. But the ultimate need was the confidentiality of a person’s health information.
The HIPAA Privacy Rule was created to protect “all individually identifiable health information that is held or transmitted by a covered entity or business associate” (Rouse, Biscobing, & Sutner, 2017). The information can be in oral, paper or digital form and is otherwise known as PHI (Personal Health Information). This includes the name, address, social security number and birthday plus any information about the patient’s physical condition. The information contained in the patient’s health record cannot be disclosed without authorization of the patient or representative. The procedures are there not to hinder but rather to help keep the PHI safe.
Along with the general HIPAA law to protect a person’s health information and portability of their insurance, the HIPAA Security Rule “came into force two years after the original legislation on April 21, 2005” (HIPAA Journal, 2014-2018). This security rule was to help protect three things: Administrative, Physical, and Technical. The Administrative was for procedures which must be followed. The Physical was to limit access to data to protect it from unauthorized access. The Technical was for submitting claims electronically and protecting them during the process. All these were done to have a safe and fluid method of handling personal health information.
There are penalties for violating the HIPAA policy, including but not limited to fines and possible prison time. The fines can range from $100 per violation for unknowingly violating HIPAA to $50,000 per violation for willful neglect that is not corrected within a specified time period. Not only is there a monetary penalty; in some cases there can also be imprisonment from one year up to as many as 10 years (AMA, 1995-2018). Healthcare employees need to fully understand each rule to ensure they do not violate portions of it. So being aware of the dangers of violating the HIPAA law is quite important.
Here are some of the more common violations of the HIPAA law. One is the health care provider failing to secure PHI (Patient Health Information). This includes not locking filing cabinets or not using safe passwords. Another is the use of unencrypted data, which can allow the information to be stolen or lost. Without sufficient training, employees will not be educated on the proper policies and procedures that have been put into place to safeguard the PHI. Another violation that people may not even be aware of committing is gossiping. Employees need to be careful what they share with others. There are quite a few other violations besides the ones listed here. Healthcare workers should fully understand each part of the HIPAA law. This can protect not only the healthcare worker but also the patient. It ultimately comes down to training the employees on the rules.
In conclusion, HIPAA Confidentiality is a major function in all aspects of the healthcare field and needs to be taken seriously by anyone working in that field of study. Workers in the healthcare field need to be well-trained and understand fully the Health Insurance Portability and Accountability Act. The HIPAA Privacy Rule is used to protect the personal information of patients. The HIPAA Security Rule sets procedures which are to be followed, limits access to data, and protects the electronic claims process. If the law is broken, there are penalties in place for anyone in violation of it. They can include fines and even prison for the severe cases. HIPAA is there to protect not only the patient health information but also the employees and providers.
AMA. (1995-2018). HIPAA Violations & Enforcement. Retrieved November 11, 2018, from https://www.ama-assn.org/practice-management/hipaa-violations-enforcement
HIPAA Journal. (2014-2018). HIPAA History. Retrieved from https://www.hipaajournal.com/hipaa-history/
HHS Office of the Secretary, Office for Civil Rights, & OCR. (2013, July 26). Summary of the HIPAA Security Rule. Retrieved November 10, 2018, from https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html
Rouse, M., Biscobing, J., & Sutner, S. (2017, July). What is HIPAA (Health Insurance Portability and Accountability Act)? – Definition from WhatIs.com. Retrieved November 10, 2018, from https://searchhealthit.techtarget.com/definition/HIPAA