The Health Insurance Portability and Accountability Act of 1996
To improve the efficiency and effectiveness of the health care system, the Health Insurance Portability and Accountability Act (HIPAA) of 1996 included provisions that required the Department of Health and Human Services to adopt national standards for electronic health care transactions. At the same time, Congress recognized that advances in electronic technology could erode the privacy of health information. As a result, Congress incorporated into HIPAA provisions that mandated the adoption of Federal privacy protections for individually identifiable health information.
This Privacy Rule, with a compliance date of April 14, 2003, sets national standards for the protection of health information, as applied to three types of covered entities: health plans, health care clearinghouses, and health care providers who conduct certain health care transactions electronically. By the compliance date of April 14, 2003, covered entities must implement standards to protect and guard against the misuse of individually identifiable health information. Failure to implement these standards may trigger the imposition of civil or criminal penalties.
The Privacy Rule establishes, for the first time, a foundation of Federal protections for the privacy of protected health information. The Rule does not replace Federal, State, or other law that grants individuals even greater privacy protections, and covered entities are free to retain or adopt more protective policies or practices. The HIPAA Privacy Rule protects and individuals’ medical records and other personal health information. For patients, it means being able to make informed choices when seeking care and reimbursement for care based on how personal health information may be used.
Health care providers have a strong tradition of safeguarding private health information. In the present day, with information broadly held and transmitted electronically, the Rule provides clear standards for the protection of personal health information. For the average health care provider or health plan, the Privacy Rule requires activities, such as:
Notifying patients about their privacy rights and how their information can be used.
Adopting and implementing privacy procedures.
Training employees so that they understand the privacy procedures.
Designating an individual to be responsible for seeing that the privacy procedures are adopted and followed.
Securing patient records containing individually identifiable health information so that they are not readily available to those who do not need them.
Many responsible health care providers and businesses already take many of the kinds of steps required by the Rule to protect patients’ privacy.
Pasquotank – Camden Emergency Medical Services strives to safeguard your private health information. To understand how medical information about you may be used and disclosed by our agency, please review our Notice of Privacy Practices.
Billing HIPAA History Links Pictures Programs Staff