Health Insurance Portability and Accountability Act (HIPAA) compliance is of the utmost importance to anyone in the medical field. The act, signed in 1996, safeguards your personal information by regulating those who handle it. Prior to the law, there were no safeguards on anyone’s health information. The act consists of five sections.
The first section protects the health insurance coverage of those who are changing jobs or have been fired. In addition, the first section prohibits insurance plans from disallowing coverage to those with pre-existing conditions.
The second section allows the Department of Health and Human Services (HHS) to set guidelines about how electronic transactions should be handled. A national requirement was also created, forcing health insurance organizations to provide a secure method to access private health data. The HHS would set these regulations.
The requirements to be maintained in order to be HIPAA compliant are all in the second section. These are a part of the National Provider Identifier Standard, the HIPAA Privacy Rule, HIPAA Enforcement Rule, HIPAA Security Rule, and the Transactions and Code Sets Standard.
The National Provider Identifier Standard requires everyone involved in healthcare to have a ten-digit national provider number (NPI). The HIPAA Enforcement Rule is the guideline under which health care workers are investigated for HIPAA noncompliance. The Transactions and Code Sets Standard is the provision that requires digital data to be handled in a secure way.
The HIPAA Privacy Rule is the rule that protects all patient information. Healthcare professionals must train all employees in adherence to HIPAA, designate an employee to enforce HIPAA regulations, secure private information, and notify all patients of their privacy rights.
The HIPAA Security Rule sets the model for the security of electronic patient information. This rule enforces regulations placed upon the transfer, maintenance, and reception of patient data. The Security Rule is the rule that prohibits those in medical care from sharing information with unauthorized persons. One of the biggest transgressions is allowing a data breach. With all of the big breaches in online security recently, adherence to the security rule is of the utmost importance.
Section three simply implements tax standards for medical care, and section four essentially builds upon section one. Lastly, section five refers to company-owned life insurance.
When you are HIPAA compliant, you adhere to the aforementioned provisions. When you are not, however, you are subject to some very big fines. Fines can run anywhere from $100 to $50,000 depending on the severity of the offense. The fines have a ceiling of $1.5 million a year. Common complaints against health care providers include the over-disclosure of information, failure to adequately protect a patient’s information, failure to have valid authorization in disclosing information, and the failure to produce a patient’s own personal records.
Here at Nevada IT Solutions, we care about HIPAA compliance. We are here to help your company meet these standards and are available for all of your digital needs. We have several contacts that can also help in other areas. Please contact [email protected] for more details!