Monday 23 November 2015

HIPAA Compliance

HIPAA compliance is a federally mandated standard that medical and healthcare entities must meet. It is designed to protect the rights and privacy of patients.

HIPAA (the Health Insurance Portability and Accountability Act) is established by the United States Department of Health and Human Services (HHS) and sets forth guidelines for how industries and professionals in the medical and healthcare fields save, access, share or distribute electronic protected healthcare information (ePHI).

There are several facets of the guideline. One is Control Access. Affected industries must ensure that access to sensitive medical information is limited to as few people as possible, that those who access such information are properly tracked and logged, and that their establishment has contingency plans in place which ensure medical information can be accessed in the event the operating system goes down. Another expectation of the guideline is Audit Control. Industries that need to maintain a HIPAA compliance checklist must ensure medical records are easily accessible. Entities that are HIPAA compliant will also maintain the integrity of their system, which demands that safeguards be in place to prevent sensitive information from being altered or destroyed, and that the identity of anyone who requests access to such records be established before the information is released. Security is another aspect of HIPAA compliance. Those who meet the standard will employ security measures that protect ePHI from being observed by unauthorized persons during any type of electronic transfer.

Who Needs To Be HIPAA Compliant?

The HHS separates compliance into two categories: Covered Entities and Business Associates. Covered Entities are companies or individuals who directly operate in the medical or healthcare industries and include physicians, hospitals, nursing homes, pharmacies, healthcare companies, Health Maintenance Organizations (HMOs), Medicare and Medicaid. The other category is classified as Business Associates. This group comprises any business or establishment that performs a specific task for a Covered Entity and might thereby be exposed to ePHI. Internet providers, banks, accountants and attorneys fit this category.
