HIPAA Policy Overview
The Health Insurance Portability and Accountability Act (HIPAA) became law in 1996. The law was originally designed to:
- Simplify the processing and distribution of medical information including claims, enrollment and payment information;
- Allow workers and their families ” portability ” of their coverage when they changed or lost their jobs;
- Give patients access to their own medical information and protect the storage, processing and transmission of that data.
The Administrative Simplification provisions of the Act were effective in 2002 and include:
- Requirements for the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans and employers;
- Privacy Rule guidelines addressing the protection of an individual’s protected health information ” PHI “;
- Security provisions that cover the transmission of electronic protected health information;
- Transactions and Code Set Rules that were established to simplify health care transactions by requiring all health plans to engage in a standardized way;
- The Enforcement rule that sets penalties for violating HIPAA rules and establishes procedures for investigations of HIPAA violations.
HIPAA assigns covered entities with the responsibility of securing patient health information and enforcing confidentiality standards. Covered entities include healthcare information networks, health plans, and health care providers. Organizations must adhere to rules involving patient privacy and security by implementing HIPAA administrative and technology-based procedures. CerpassRx recognizes the importance of HIPAA and as such, has designated a HIPAA Privacy Officer responsible for the organization’s compliance with this law. You may contact our HIPAA Privacy Officer directly at: firstname.lastname@example.org.