What is HIPAA?
HIPAA stands for Health Insurance Portability and Accountability Act. The law was passed in 1996 by the United States legislation. It ensures data privacy and other security provisions for protecting medical information.
What Does HIPAA Do?
HIPAA is responsible for the following:
- When a person moves from one location to another within the US or loses his/her job, the HIPAA ensures the ease of transfer and continued health insurance coverage to the individual and his/her family.
- It works to reduce frauds and abuse of healthcare.
- It regulates healthcare information with the help of industry-wide mandates.
- It ensures that sensitive healthcare information is protected and handled confidently.
Why is HIPAA Important for Healthcare?
Healthcare organizations need to document patient information on the basis of HIPAA. This helps them to:
- Meet HIPAA compliance
- Save time and month, since all records are well organized
- Make internal and external audits easier
Which Documents Need to be HIPAA Compliant?
Here are the categories and corresponding examples of documents that need to be HIPAA compliant.
Categories |
Examples of Document |
Risk Plans and Analysis |
|
Employee Related Information |
|
Business Growth Documents |
|
Descriptions of Physical Location |
|
Disaster Management Protocol |
|
Rules and Procedures |
|
What is Addressable Versus Required in HIPAA Compliance?
There is a significant difference between the terms “addressable” and “required” for HIPAA Compliance.
- Required (R) – The given standard is mandatory and must be complied.
- Addressable (A) – The given standard must be implemented by default unless extensive in-depth risk analysis and assessments determine that the implementation is not appropriate for the current business setting.
Remember that addressable does not imply it is optional.
What are the Steps in Becoming HIPAA Compliant?
Step 1: Understand the Basics
Start by checking out the resource HIPAA for Professionals, published by the HHS (Department of Health and Human Services).
Step 2: Identify your Designation
Decide whether you are a Covered Entity or a Business Associate
Step 3: Identify the HIPAA Rules
This includes the following rules:
- Security
- Privacy
- Breach Notification
Step 4: Identify Controls
Check out the controls required for HIPAA compliance.
What is a Simple Way of Becoming HIPAA Compliant?
Rather than going through the stringent and complex process of becoming HIPAA compliant, you can simply opt for a fully-insured and completely HIPAA compliant document management company to serve your unique needs.
What Happens if You Fail to Meet HIPAA Compliance?
Failure in HIPAA compliance invites both civil and criminal penalties.
Civil Penalties |
|
Tier |
Fines |
|
$100 – $50,000 for each violation, with a maximum fine of up to $1.5 million in a year |
|
$1000 – $50,000 for each violation, with a maximum fine of up to $1.5 million in a year |
|
$10,000 – $50,000 for violation, with a maximum fine of up to $1.5 million in a year |
|
$50,000 for each violation, with a maximum fine of up to $1.5 million in a year |
Criminal Penalties |
|
Tier |
Potential Jail Sentence |
Unknowingly with reasonable causes |
Up to one year |
Under false pretenses |
Up to five years |
For malicious reasons or personal gains |
Up to ten years |