HIPAA. The Health Insurance Portability And Accountability Act of 1996. HIPAA History and Objectives. Improve the efficiency of the health care system. Reduce the overall cost of health care and therefore the federal government’s future liability.
The Health Insurance Portability And Accountability Act of 1996
Standard code sets are required for selected data elements in more than one of the electronic transaction standards. Electronic transaction include transactions using ANY media, even when information is physically moved from one location to another using diskette, tape or CD media.
2. Privacy Rule
Defines who is authorized to access information. It is the right of individuals to keep information about themselves from being disclosed.
The ability to control access and protect information from accidental or intentional disclosure to unauthorized persons and from alteration, destruction or loss. This is the implementation of the Privacy Rules.
Fully effective October 16, 2003.
Fully effective April 14, 2003
Fully effective date for compliance enforcement Fall 2004
direct providers like hospitals
indirect providers like laboratories
any entity transmitting health information in electronic form.
$100 per violation up to $25,000 per year/standard/individual.
Up to $50,000 & 1 year imprisonment for obtaining or disclosing PHI.
Up to $100,000 & up to 5 years imprisonment for obtaining or disclosing PHI under “false pretenses”.
Up to $250,000 & 10 years imprisonment for obtaining PHI with the intent to sell, transfer, or use for commercial advantage, personal gain, or malicious harm.