Understanding Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability ActPenalties for non-compliance can include fines that
or HIPAA has two purposes. The first, "portability,"range from $100 per person per violation up to $25,000
allows an employee to keep their current healthper year and/or up to ten years imprisonment.
insurance even if they should happen to leave theirThe process is complaint driven and only covers health
current place of employment. This is easily donecare providers and health plans. It doesn't mean that a
thanks to plans such as COBRA. The second part,friend or family member can't discuss someone's
"accountability," means that the government can nowmedical issues with another party. Relatives may talk
regulate healthcare providers, health plans, payers,freely about what they may have discussed with
clearinghouses, and anyone else that might coordinatehealth care providers. Journalists may report on a
health data, for complete privacy and security. If ansubject's medical condition, but the information that can
employer provides any type of on-site health care, thatbe disclosed by a doctor or hospital is limited. These
employer must also comply by HIPAA standards.restrictions also don't apply to police, firefighters,
It means that if personal information is stored oncoaches, trainers or teachers.
computer databases, tapes, disks, or transmitted withIf you feel your privacy has been violated, you can
the assistance of faxes or the Internet, in addition toissue a complaint with your healthcare provider or the
anything written down or talked about, steps must beDHHS. Your health information is privileged and anyone
taken to ensure a patient's privacy. This also meanscan use this information against you. The HIPAA was
that, in addition to protecting your privacy, the electronicdesigned to combat this. Your health care professional
exchange of financial or administrative informationnow has to make sure your information stays
must now be standardized.confidential unless you request otherwise.