This rule establishes standards for protection of patient privacy rights, including controls on access and disclosure of personal data either inside or outside an organization. The privacy rule applies to paper records, as well as electronic records and messages, and is designed to restrict access to individual health data, allowing the minimum necessary access.
This rule establishes standards and requirements to ensure confidentiality and integrity of protected health information (PHI) in electronic records during transmission and storage. The rule requires administrative, physical and technical safeguards.
Keeping Your Practice HIPAA Compliant
In 1996 Congress enacted the Health Insurance Portability and Accountability Act to impose sweeping standards for the privacy and protection of all electronic health information that can be linked to an individual. Any entity providing medical or dental care must follow these standards.
Under this act there are several things your practice is required do that includes, but may not be limited to:
To remain compliant with this act each practice or covered entity is required to establish and implement if necessary a contingency plan in case of an emergency such as fire, vandalism, natural disaster, or system failure to protect the EPHI (Electronic Protected Health Information) data of your patients. This contingency plan should consist of:
Each practice is also responsible for implementing physical safeguards for protected information as follows:
The Health Insurance Portability and Accountability Act also known as HIPAA was put in place by Congress in 1996 to impose sweeping standards for the privacy and protection of all electronic health information that can be linked to an individual. It is also the purpose of this act to improve the efficiency and effectiveness of the health care system, by encouraging the development of a health information system through the establishment of standards and requirements for the electronic transmission of certain health information.
There are two main parts to this act: