Chapter 11by Dee McGonigle, Kathleen Mastrian,

and Nedra Farcus

Overview of Health Insurance Portability and Accountability Act

(HIPAA) of 1996

Key Terms Defined

• American National Standards Institute (ANSI)

• Center for Medicare and Medicaid Services (CMS)

• Confidentiality

• Consequences

Key Terms Defined

• Electronic Data Interchange (EDI)• Electronic Health Record (EHR)• Extensible Markup Language (XML)• Gramm-Leach-Bliley Act (GLBA)

Key Terms Defined

• Health Information Portability and Accountability Act (HIPAA)

• Health Information Technology (HIT)• Health Level 7 (HL7)• Information Technology (IT)

Key Terms Defined

• International Standards Organization (ISO)

• National Provider Identifier (NPI)

• Open Systems Interconnection (OSI)

• Privacy

Key Terms Defined

• Protected Health Information (PHI)

• Regional Health Information Organizations (RHIO)

• Rights

• Sarbanes

Key Terms Defined

• Security

• Standards Developing Organizations (SDOs)

• Standard Generalized Markup Language (SGML)

Overview of HIPAA

• The Health Insurance Portability and Accountability Act (HIPAA)

• The Office for Civil Rights (OCR) • Security and Privacy• Implementation Problem

Overview of HIPAA

• Administrative Simplification• Privacy Requirements• 2002 US Department of Health and Human

Services• Electronic Transaction and Code Standards

Overview of HIPAA

• Security Requirements• Needed Safeguards• HIPAA was the first of it’s kind• As information increases, need will prevail

Overview of HIPAA

• HIPAA Standards • “The American National Standards Institute

(ANSI) X12N • Health Level 7 (HL7) Standards

Organizations • ISO

United States and Beyond

• The Gramm-Leach-Bliley Act (GLBA)

• Sarbanes-Oxley Act (SOX)

HIPAA

• HIPAA Privacy Rule

• Covered Entities

Thought Provoking Questions

1. Why is it important to establish patient ownership of the health care record?

2. What are the potential negative consequences of the proposed right of amendment and correction of healthcare records by patients?

Thought Provoking Questions

3. One of the largest problems with healthcare information security has always been inappropriate use by authorized users. How will the proposed regulations help to curb this problem?

4. How do you envision HL7 and HIPAA evolving in the next decade?

Thought Provoking Questions

5. Imagine that you are the designated Privacy Officer in a healthcare institution.

• What types of monitoring procedures would you develop?

• What would you include in your sanctions for violations policy?

Thought Provoking Questions

7. How would you address the following? a. Tracking each point of access of the patient’s

database including who entered the data

b. Nurses in your hospital have an access code that only gives them access to their Unit’s patients. A visitor accidently comes to the wrong unit looking for a patient and asks the nurse to find out what unit the patient is on.