­

HIPAA Then vs. HIPAA Now

While it helps to know how HIPAA developed, it is more important to realize that all phases are now active. By understanding the cumulative effect of all of the privacy and security laws on your practice you can avoid costly fines and penalties.

Where Did These Laws Come From?

Most of the fines dealing with the loss of control of Protected Health Information are an effect of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). The original HIPAA rules were upgraded in 2006, sometimes called the HIPAA Administration Simplification (AS) or HIPAA II. HIPAA was upgraded again in 2009, with the introduction of the Health Information Technology for Economic and Clinical Health Act (HITECH Act).

HIPAA Titles

HIPAA Title I mandated protection for health insurance coverage for workers and their families when they change or lose their jobs.

HIPAA Title II, called Administrative Simplification (AS):

  • Mandated national standards for electronic health care transactions;
  • Required national identifiers for providers (NPI numbers), health insurance plans, and employers;
  • Mandated the security and privacy of health data.

A major thrust of HIPAA was to encourage the widespread use of electronic data interchange in the U.S. health care system, in order to improve its efficiency and effectiveness.

HITECH Act

The American Recovery and Reinvestment Act of 2009 contained a strong adjunct to HIPAA called the Health Information Technology for Economic and Clinical Health Act (HITECH Act). Subtitle D of HITECH addresses the privacy and security concerns that are part of the electronic transmission of health information. From the providers’ perspective, HITECH adds teeth to HIPAA, and extends the privacy and security provisions of HIPAA beyond the providers to the Business Associates of Covered Entities. HITECH also introduced stiff penalties for data breaches, including provisions that require a covered entity to notify CMS and patients if a loss of data occurs.

HIPAA Then vs HIPAA Now

The reach and scope of HIPAA laws are expanding. Once they were an “inside the office, email or electronic file transfer” thing. Now they guard Protected Health Information (PHI) from initial visit through record storage, and beyond. This table shows the change in HIPAA rules between their inception and the present:

All-in-One HIPAA Compliance
and Risk Management Solution

VIEW MEMBERSHIP BENEFITS & PRICING
HIPAA Then vs HIPAA Now

Why HIPAA Compliance Training is Important

By |October 21st, 2015|Categories: HIPAA Training|

Why HIPAA Compliance Training is Important HIPAA Compliance is an ongoing process and one of the most important aspects of it is making sure that your staff members participate in compliance training and awareness [...]

Comments Off on Why HIPAA Compliance Training is Important

HIPAA Rules: Back to the Basics

By |October 7th, 2015|Categories: HIPAA Privacy|

HIPAA Rules: Back to the Basics The Health Insurance Portability and Accountability Act (HIPAA) is a complex piece of legislation that has undergone many additions and revisions since it was signed into law in [...]

Comments Off on HIPAA Rules: Back to the Basics

HIPAA Privacy Rule: Reviewing the Fundamentals

By |October 7th, 2015|Categories: HIPAA Compliance Requirements, HIPAA Privacy, Notice of Privacy Practices|

HIPPA Privacy Rule: Reviewing the Fundamentals Almost 20 years ago, the Health Insurance Portability and Accountability Act was signed into law to provide for the continuity of individuals’ health insurance coverage and to increase [...]

Comments Off on HIPAA Privacy Rule: Reviewing the Fundamentals