"HIPAA" stands for The Health Insurance Portability and Accountability Act of 1996.
The law consists of several parts, including a section that addresses portability of insurance coverage, which is designed to help protect health insurance coverage for workers and their families when they change or lose their jobs. That part of HIPAA was effective in 1996.
The more recent regulations pertain to another part of the law, known as "Administrative Simplification." The Administrative Simplification provisions are designed to reduce the administrative costs of providing and paying for health care by standardizing electronic transactions and code sets. Administrative Simplification also contains requirements to protect the privacy and security of Protected Health Information (PHI) and will provide for national identifiers for providers, employers and health plans in the future.
Health plans (including insurers and self-funded group health plans), health care clearinghouses and health care providers who engage in electronic transactions are covered by the Administrative Simplification requirements of HIPAA. These are known as "covered entities." To a lesser degree, employers and business associates of covered entities are also affected. Donley Benefits Consulting supports our members' right to privacy, as well as the administrative efficiencies that can result from the implementation of standard data formats.
Privacy-Implemented April 14, 2003
The Privacy Rule, which took effect April 14, 2003, requires that covered entities establish policies and procedures to protect certain individually identifiable health information referred to as Protected Health Information (PHI), which is stored or transmitted in any form or medium: electronic, paper or oral. The regulations allow the use and disclosure of PHI without authorization for the purposes of treatment, payment or administration of the health-benefits plan. However, most other uses or disclosures, such as marketing a product or service, require written authorization from each individual involved. The Privacy regulations also extend certain rights to individuals, such as the right to access and request amendments to their PHI and to receive notices describing how their PHI is used and disclosed.
Electronic Transactions and Code Set Standards-Implemented
October 16, 2003
This regulation requires that providers, group health plans, and health care clearinghouses use industry-wide standard formats and coding for common electronic interfaces and transactions. Employers may choose to adopt federal standards for transmitting data for premium and eligibility transactions.
For a complete version of the HIPAA law see the United States Department of Health & Human Services website at http://www.hhs.gov/ocr/hipaa/finalreg.html
4653 Statesmen Drive, Indianapolis, IN 46250
317-849-3282 * 800-382-5220 * Fax 317-849-3436