
The Health Insurance Portability and Accountability Act (HIPAA) is a significant health care reform law that passed Congress in 1996 and became law in 2001. It is also known as the Kennedy-Kassebaum Act.

Its primary purpose is to improve the efficiency and effectiveness of the health care system, help providers access patients’ health care information, standardize the way the information is handled, and ensure that patient health information remains strictly confidential.

AN OVERVIEW OF HIPAA
As part of its Administrative Simplification section, HIPAA includes many requirements for managing and protecting “individually identifiable protected health information”. Such information refers to any physical or mental health information, as well as demographic, provisional, financial, or conditional information that can reasonably identify - or be identified with - a specific individual (as defined in section 1171(6) of the Social Security Act).

The HIPAA regulations, including the preamble, together with the Privacy and the Administrative Simplification Act run a staggering 1500 pages. “Administrative Simplification” at its finest!


Maintaining privacy of medical records is now a legal requirement. All health care providers, and any individuals who come into contact with protected health information, must comply or be subject to legal prosecution and/or civil litigation from patients or individuals affected by the unauthorized release or distribution of their protected health information.

However, ensuring that patient information is kept private and secure presents a technological challenge for all individual healthcare specialists, small professional groups, and medium size and larger organizations.

The need for privacy and information security is an essential requirement of HIPAA. Solid data security and protection against improper access and use of private information is a strict requirement.

Why does health information need secure access? Doctors, nurses, laboratories, chiropractors, optometrists, masseuses, hospital personnel, insurance agents, answering services and every other person in the healthcare industry can provide more efficient care to patients by accessing health information and ensuring that it’s correct.

Pharmacists can easily avoid prescribing conflicting medications; doctors can perhaps make faster diagnoses or prescribe minor treatment from a remote location. But medical records often contain information that individuals would like to keep secret from others.

A woman may not want her employer to know that she’s undergoing fertility treatments. A patient may not want anyone to know how many HIV tests he or she has had. Sometimes this information can simply be embarrassing; sometimes it can affect job status; sometimes it’s simply patient preference.

This much is for sure... HIPAA makes this very clear:

Individuals and organizations that maintain or transmit health information must “establish and maintain reasonable and appropriate administrative, technical and physical safeguards to ensure the integrity, confidentiality and availability of the information.” Health care individuals, organizations and any other entities that come into view of another person's health information or records must provide secure access.

HIPAA does not mention specific technologies that must be used. As a result, compliance methodologies will vary from provider to provider, and from discipline to discipline.

The HIPAA regulations and guidelines generally follow the lead of the Privacy Act of 1974, stating that individuals must maintain confidence that their information is kept secure. As HIPAA clearly states, all health care providers are responsible for establishing and maintaining secure access to patient information!

Strict penalties can be levied on providers who fail to comply, from $100-per-incident fines for minor offenses to ten years in jail and a $250,000 fine for major offenses.


Disclaimer: CAL HIPAA, LLC. obtains its information from sources it believes to be reliable. However, because of the possibility of human and mechanical error as well as other factors, CAL HIPAA, LLC. makes no representations or warranties, express or implied, as to the accuracy or timeliness of its information, and cannot be responsible or liable for any errors or omissions in its information or the results obtained from the use of such information. Information contained on this web site are statements of opinion and not statements of fact or recommendations and do not constitute legal advice. This web site utilizes independent information providers (IIPs) and independent product providers (IPPs). CAL HIPAA, LLC. is not a referral service and does not recommend or endorse any particular IIP or IPP. Rather, CAL HIPAA, LLC. is only an intermediary that provides limited information about IIPs and IPPs. We do not endorse or offer advice regarding the quality or suitability of any product from any IPP, or endorse or offer advice regarding the quality or suitability of any advice from any IIP, or particular provider for any reason, and no information on this Site should be construed as advice or as an endorsement. Users of this site are required to register and to agree, without exception, to our Web Site Access License Agreement. Users are solely responsible for determining whether the information provided on this Site is suitable for their purposes, and reliance on the information is at the user's sole risk. Users should obtain any additional information necessary to make informed decisions.