What is HIPAA?
HIPAA stands for Health Insurance and Accountability Act of 1996, and it primarily governs the way that health care records must be handled to preserve confidentiality of members as well as to protect against Medicare, Medicaid and insurance fraud. It makes it illegal and even criminal to mishandle any unique identifiers about any individual member.
How does it affect the individual?
For the individual, it is assuring that their information about their health and unique identifiers such as social security number, address or birthdate are protected and cannot be stolen. You must give specific instructions to healthcare providers and insurance companies about whom you will allow your healthcare information to be given to. This protects you from any unwanted information being shared with anyone and gives you peace of mind that your privacy is protected at all times.
How does it affect the Provider and Vendors?
Health care providers and vendors must be very careful with the way that they handle your personal information. Our OTC Supplemental Benefit program is seamlessly HIPAA compliant; all electronic files are all sent using secure FTP or with encrypted email so that the files can’t be accessed while they are being transferred. This protects the individual, the provider and the vendor. In addition to electronic communications, providers must be careful in the way that they handle hard copy communications. All printed material with unique identifiers is locked up while it is not in use and it must be disposed of by a recycling service that specializes in confidentiality. All garbage bins for confidential information must be kept locked and when they are emptied, the material needs to be shredded in an off-site facility.
Training is very important and all employees who have access to unique identifying information must be trained in the proper procedures for protecting member information. Employees should be held accountable for the protection of the information and any breaches in procedures need to be addressed by the provider or vendor quickly with their employees.
What are the penalties for not following HIPAA guidelines?
Penalties for not following HIPAA guidelines can be a combination of fines and jail time. These can vary depending upon the severity of the offense and whether it was intentional or negligence. That being said, fines have been known to reach into the millions of dollars.