Friday, January 30, 2009

What Is HIPAA Compliance?

If you've ever been to any type of physician, chances are you've had to read and sign a document notifying you of the company's HIPAA compliance. If you're like most people, you probably scan through the content without really reading it before blindly signing your name on the dotted line. And although you may know the basic concept of HIPAA compliance, you are probably not entirely familiar with what the term actually means. If you've ever been curious about what exactly you're signing, continue reading to learn just what HIPAA compliance is all about.








History


In 1996, the United States government passed the Health Insurance Portability and Accountability Act (HIPAA). Designed to make the healthcare field run more efficiently, the act defined what was meant by a preexisting condition, set regulations about healthcare coverage for individuals who lose their insurance benefits and set privacy standards for individuals' medical history.


Function


The primary purpose for establishing HIPAA was to help ensure that the healthcare and insurance industries treated all individuals equally. In order to do this, HIPAA set forth basic rules to regulate the availability of individual and group health insurance policies and defined offenses and penalties for violating these rules.


Format


The HIPAA laws are divided into two sections, or titles. Title I addresses group and individual health insurance, limiting the restrictions insurance companies can place on preexisting conditions and establishing insurance regulations to protect an individual when he or she loses or changes jobs. Title II defines the types of healthcare offenses, such as fraud and abuse, and sets penalties for those offenses.


Additional Issues Addressed


Since HIPAA was established in 1996, many updates have been made to the act. On April 14, 2003, the Privacy Rule was established in order to protect the privacy of an individual's medical history, which is defined as Protected Health Information (PHI). Under the Privacy Rule, it is illegal to disclose any type of PHI (which includes records and payment history) to any individual or company other than the person's health insurance or medical provider without his or her permission. The Privacy Rule also allows an individual to access his or her PHI if needed.

In addition to the Privacy Rule, HIPAA compliance was updated to include regulations regarding electronic transactions. In 2007, HIPAA also made it mandatory for all healthcare providers to use a National Provider Identifier (NPI), which is a unique 10-digit number that identifies each healthcare provider to the United States' Centers for Medicare and Medicaid Services department (think of it as a social security number for healthcare providers).


Enforcement


Due to all of the updates made to the act, in 2006 the government established the Enforcement Rule, which required all healthcare providers to comply with all rules and regulations set forth in the HIPAA laws. The Enforcement Rule established a strict deadline for HIPAA compliance (March 16, 2006) and announced penalties for failing to comply after that date.


Considerations


To sum things up, when you sign that seemingly unimportant HIPAA compliance form, you are acknowledging that your healthcare provider has informed you of the HIPAA laws and has maintained its compliance with those laws. So, while it's never a good idea to sign something without reading it, at least now you know what all the fuss over HIPAA compliance is about.

Tags: HIPAA compliance, health insurance, healthcare providers, HIPAA laws, Enforcement Rule