Sunday, December 12, 2010

Legal requirements of HIPAA

1996 Adopted the Congress the health insurance portability and Accountability Act of 1996. I the HIPAA part protecting cover to change health insurance for workers and their families, when employees lose their jobs or careers. Part II protects the confidentiality of health through the establishment of specific national standards for electronic medical records storage information and dissemination of medical information. Each part of the HIPAA contains certain minimum requirements. HIPAA ITitle title sets the requirements for health insurance to employees offer. Under title I includes a condition for a maximum of 12 months after the entry in the plan health (or up to a maximum 18 months for late registration) to the exclusion of pre-existing condition (a clause in the insurance limited coverage of pre-existing conditions). This exclusion period be shorter if the insured person new 'creditable coverage"before enrolling. Creditable coverage a term is used, each covered by a group or individual describe or a government program. Support enabled cover can reduce the waiting time for the duration that the person has already been both that covered, was it not more than 63 days break within easy reach. Excluded benefits separately from the general health care plan for title I requirements. These benefits plans long include excluded term health plans, limited health, dental or vision plans are plans as long as you separate from the general scheme. HIPAA mandates that all exclusions including the existing collection be explained explicitly. Hidden periods of exclusion - like provisions that specify that insured persons have been wounded, as by the contract of insurance Maladi gedecktgenaue e - are only allowed after I.Title IITitle HIPAA title II is designed to protect privacy. Title II contains five series different requirements: • code sets rule- et • rule • rule • life security operations privacy unique identifier rule and rule from the application of the law. The provisions in title II designed are fraud within the health to protect the privacy care industry to improve the effectiveness and reporting standards control and dictate the rules that apply to private health care information. Departments.Covered EntitiesHealth HIPAA applies all "covered entities" including doctors and HMO and other health plans, health, health community groups, health care and billing plans, providers of health care providers and health care facilities comply with the HIPAA specifications. It comes to insurance health HMO health plans, Medicare, Medicaid, other government agencies the customer all caregivers provide health leading e-invoicing or commercial activity, doctors, clinics, hospitals, nursing, pharmacy, nursing homes, health care dentists and alternative health care provider. In other words, almost everyone is treated health records or electronic transfer subject to the HIPAA mandates written. HIPAA covers compensation carriers not life insurers, employers, workers, schools and school districts, State agencies (including the departments of children services or other child protection agencies) and right agencies.The run operations and transactions of RuleThe code sets and code sets rule requires the use of certain codes of a request for information CTmedizinische or billing for medical procedures. Each department orthe type of provider or service has its own operations and codes are used for electronic data. For example, local pharmacies must use, EDI retail pharmacy application operations, the reception of applications for insurance or the transmission of information between pharmacists and receiver billing professionals. Each of the various activities and other type of the provider are required to use a different set of transactions and code Spécifautomatiquement, adapted to the activity. The uniformity of these transactions and code sets can be electronic documents understandable and recognizable at national level, all the doctors, pharmacists and health care provider the same codes.The use this rule RuleThe security security mandates of specific requirements for the protection of electronic documents. Three different categories are processed by the security rule with their own compliance requirements: guarantees administrative • claim that all covered entities have documented a written set of procedures for the protection of personal data and privacy officer, appointed responsible for the design and implementation of the privacy policy. Written procedures to identify a subset of employees who have access to electronic health information. Certain restrictions on access, including the authorization, creation, modification and termination of employment must describe procedures. Administrative documents must demonstrate that a permanent training programme is available, to the safe handling of the information. If some company or record retention is specified, the management procedure cooperatives should also taken security measures, to ensure that third parties HIPAA explain. Finally, an emergency plan must in place dealing with supportrstützung and recovering data for emergencies. • Physical protection measures must be available. Control physical access to the protected data and include procedures for the introduction and removal of software and hardware, the destruction of material no longer used and the procedures for access to all computers that contains health information. There must be a method to determine who has access to these restricted computers and is given a book or record, the access and when. • Finally to technological protection measures to ensure that computer systems and networks are sure therefore protected information can be retrieved with wirelessly or through an open Network.The RuleThe the use and dissemination of "health information" by covered entities control rule protected. , A covered entity refers to all information under the control of a State of health of patients who received by person, health or payment for health care is protected health information, or personal. In other words, all medical records and billing patient data is generally personal. Rules for ISPs apply both to prevent the dissemination of information for consumers and the dissemination of information. A patient has request the right to their own ISP and covered entities have 30 days to communicate this information to the person. If a person has identified ISP error this individual claim the right to correct of these errors. A person has a right to discretion of dissemination of the ISP - for example, a person, wenigt ask home called for medical information. Covered entities can reveal certain enforcement of the Act, PHI be required if the mandateAccording to the law. For example, cases of child abuse, covered entities are required disclose PHI to child protection agencies. A covered entity may only the ISP to someone else for help patients with the permission of the person treatment or payment. If a covered entity SSI reveals information must be adapted closely the minimal information necessary for the purpose be divulged. The covered entity must inform the person your personal use and keep records of actual disclosure rule for unique identifier and the RuleThe unique identifiers rule enforcement has all covered entities including healthcare providers, insurers and centres covered personal identification number. The rule from the application of the Act contains civil and criminal penalties for the violation of other HIPAA rules or conditions.

No comments:

Post a Comment