HIPAA Rules and Regulations Discussion





Research on HIPAA. Why was it implemented? Who has the responsibility for its oversight? Who/what does it regulate? What are some of the details in the regulation not discussed in the textbook? Also address who this regulation covers.

Requirement: a two-paragraph (250-word) response, 2 peer-reviewed article citations

Details about HIPAA from textbook:

Health Insurance Portability and Accountability Act (HIPAA)

The Health Insurance Portability and Accountability Act (HIPAA) became law in 1996. The law protects a person’s privacy. If you handle someone’s health records, you must adhere to HIPAA. This includes doctor’s offices, hospitals, clinics, and insurance companies. The law recognizes that digital data exchange of health records, such as between insurance companies and doctor’s offices, is a necessity. But in 2013 new restrictions were placed on access to health records by subcontractors and vendors. The law wants to make sure that patient privacy is maintained.

The HIPAA law defines someone’s health record as protected health information (PHI). The term PHI refers to both digital and physical paper copies of health records. Electronic PHI (EPHI) refers to just the electronic form of PHI records. HIPAA establishes privacy rules that outline how EPHI can be collected, processed, and disclosed. There are significant penalties for violating these rules. In 2013 these fines were increased to a maximum $1.5 million per violation. This regulation applies to any covered entity that manages health records, including:

  • Health care providers—Doctors, hospitals, clinics, and others
  • Health plans—Those that pay the cost for the medical care such as insurance companies
  • Health care clearinghouses—Those that process and facilitate billing
  • “business associates”—Vendors and subcontractors of any covered entity

For your security policies to be HIPAA-compliant, they must include the following key control requirements:

  • Administrative safeguards—Refers to the formal security policies and procedures that map to HIPAA security standards. It also refers to the governance of the security policies and their implementation.
  • Physical safeguards—Refers to the physical security of computer systems and the physical health records.
  • Technical safeguards—Refers to the controls that use technology to protect information assets.
  • Risk assessment—Refers to a standard requirement of a risk-based management approach to information security.


    Explanation & Answer

    Please let me know if anything needs to be changed or added. I would also appreciate it if you could let me know if there is any problem or you have not received the work. Good luck in your study, and if you need any further help with your assignments, please let me know. Can you please confirm if you have received the work? Once again, thanks for allowing me to help you. R

    regarding HIPAA
    by HAL Lab

    Submission date: 14-May-2019 11:59AM (UTC-0400)
    Submission ID: 1130375269
    File name: Regarding_HIPAA_rules_and_regulations.edited.docx (16.41K)
    Word count: 364
    Character count: 2035
