The Health Insurance Portability and Accountability Act (HIPAA) of 1996 mandates significant changes in the legal and regulatory environments governing the provision of health benefits, the delivery and payment of healthcare services, and the security and confidentiality of individually identifiable, protected health information.
HIPAA makes it easier for individuals and small businesses to get and keep health insurance. To reduce the cost of health insurance, HIPAA also includes an administrative simplification section to encourage electronic transactions. Due to the electronic transactions, HIPAA also has a host of new regulations to assure the security and privacy of electronically stored medical data. The regulations set standards for electronic transactions, the privacy of all medical records and all identifiable health information and the security of electronically stored information.
To be compliant, a healthcare practice must implement procedures mto provide patients access to their medical information including providing copies at their request, an ability to make amendments their records, and accountings of any and all disclosures made of their medical information for any use other than treatment, payment, and firm operations
Each practice must notify each patient of these rights with a “Notice of Privacy Practices.” This notice must include the patient’s rights, the practice’s HIPAA policies, and the address of where to complain.
Fines, penalties and possible jail time can be imposed for non-compliance.