| |
| What
is Health Insurance Portability and Accountability
Act (HIPAA)? |
| HIPAA
is a 1996 Act of Congress that established
privacy standards for the use and release
of patients’ personal health information,
referred to as “protected health
information”. HIPAA sets national
standards to facilitate the electronic
exchange of health information. It also
sets standards for protecting the privacy
and security of health information transmitted
electronically. Although HIPAA was enacted
in 1996 the Privacy Rules clarifying HIPAA
did not take effect until April 2003. |
| Who
needs to comply with HIPAA? |
| Only
“covered entities” are required
to comply with HIPAA. A “covered
entity” is a health plan, health
care clearinghouse, and any health care
provider who conducts certain health care
transactions electronically, such as electronic
billing and fund transfers. |
| Generally,
what does HIPAA require the average health
care provider to do? |
| For
the average health care provider or health
plan, the Privacy Rules require covered
entities to: |
| |
|
| Who
can I contact if I want to report a HIPAA
violation? |
|
Anyone
can file a complaint with the U.S. Department
of Health and Human Services Office for
Civil Rights. Complaints to the Office
of Civil Rights must: (1) be filed in
writing, either on paper or electronically;
(2) name the entity that is the subject
of the complaint and describe the acts
or omissions believed to be in violation
of the applicable requirements of the
Privacy Rules; and (3) be filed within
180 days of when you knew that the act
or omission complained of occurred. Any
alleged violation must have occurred on
or after April 14, 2003 for OCR to have
authority to investigate.
If
the violation occurred in Arizona, contact: |