Medical insurance is massively important to those who live in the United States. Without it, medical treatment would be outrageously expensive and unaffordable for a large swathe of the population. As medical insurance is often a perk provided by employers in the U.S., the issue of what happens when employees are between jobs was a massive problem until 1996, when HIPAA (the Health Insurance Portability and Accountability Act) was introduced.
How Does HIPAA Help Individuals?
As mentioned above, HIPAA ensures that employees do not face a loss of insurance cover when they are between jobs. It is also beneficial to the individual because healthcare providers must make sure that all ‘protected health information’ is stored appropriately with sufficient security to avoid it falling into the hands of unauthorized third-party individuals.
Healthcare providers are required by law to safeguard patient information. Indeed, HIPAA non-compliance carries severe consequences, say the experts at Find-A-Code.com, an online database of medical billing codes. They explain that there are strict controls in place and that patients have control over who their information is shared with.
This allows patients to obtain a copy of their health records if they are concerned that any mistakes have been made. They can also get a copy of their record when moving from one healthcare provider to another. Before HIPAA, healthcare providers were not obliged to provide copies of health records to patients.
The Importance of HIPAA Compliance
Healthcare providers must ensure that all sensitive patient data is kept private and secure. This includes both physical and digital records. For digital records, this usually means encrypting data so that in the unlikely event that a healthcare provider’s computer system were hacked and the data stolen, it could not be read without the appropriate decryption key.
Data security, particularly in the healthcare field, is of growing importance. Check out the infographic below for more information on why it’s become so significant and how to implement security measures of your own.
Infographic provided by MCRA, a global clinical research organization
For physical paper records, strict guidelines for use and storage tend to apply to all authorized personnel. For example, a patient file must always be kept together, apart from when a page or two must be removed briefly for copying.
When the files are being used or are in transit, all personal identifying information must be covered. Files should never be left unattended in any area of the medical facility. When storing the files, a locked cabinet is encouraged, and they should never be placed on open shelves in areas that can be accessed by unauthorized individuals. Larger institutions will have file rooms that can only be accessed by those with a key or access card. Others will employ a records manager who will sign records in and out to authorized personnel only.
Failure to keep medical information safe has serious consequences for healthcare providers. The penalties are determined by the level of negligence and are divided into tiers. Tier 1 violations, where the healthcare provider is deemed to have had no knowledge of the violation, are subject to fines of between $100 and $50,000. Tier 2 violations occur when the healthcare provider knew or should have known of the violation but where there was no willful neglect. The fines for this range from $1,000 to $50,000 per case, with an annual cap of $1.5 million.
Tier 3 violations are classed under ‘willful neglect’. If the healthcare provider corrects the issue within thirty days, the fine will be between $10,000 and $50,000 per case. Tier 4 violations are classed as ‘willful neglect’ where the healthcare provider has made no attempt to correct the issue, and fines for this start at $50,000 per case.
Criminal penalties can also be issued if it is deemed the healthcare provider acted with deliberate intent.