The healthcare sector is crucial to any organisation. Poor health among workers reduces their performance and leads to overall economic loss. Health care providers have the mandate of ensuring that their services are of the highest quality. The Health Insurance Portability and Accountability Act (HIPAA) was formed to ensure proper checks and balances in the handling of sensitive client information.
The Health Insurance Portability and Accountability Act, also known as Public Law 104-191 [H.R. 3103] or the Kennedy-Kassebaum bill, came into law on August 21, 1996. The US Congress passed HIPAA for five main reasons. Firstly, to combat fraud, waste and abuse in health delivery and insurance. Secondly, to demystify the administration of health insurance. Thirdly, to foster the utilization of medical savings accounts. Fourthly, to improve the continuity and portability of both group and personal health insurance coverage. Lastly, to improve the accessibility of long-term coverage and care services.
The original HIPAA legislation captured its key objectives in five titles as shown in the table below.
HIPAA covers fraud, insurance portability and administrative simplification. The administrative simplification legislation was designed to enable efficient sharing of electronic health information among health organizations, placing emphasis on the level of confidentiality for Individually Identifiable Health Information (IIHI). The privacy and security measures included in the HIPAA statutes aim to safeguard the privacy of health plan members and patients while their health information is exchanged (Axzo Press and Supremus Group 2).
As part of their initiatives to comply with HIPAA regulations, various organizations have adopted modern technology. For instance, the Hybrid Public Key Infrastructure Solution (HPKI) is deemed to comply with HIPAA regulations. As opposed to other models, which are session-oriented, HPKI is contract-oriented, delegating trust and security management to the healthcare providers during the term of the contract. In terms of its functional structure, HPKI resembles the current paper-based healthcare model. The cryptographically potent PKI scheme aims to ensure mutual authentication and the distribution of computationally non-intensive data. It also contains symmetric cryptographic technology for storing and transmitting highly sensitive medical information, such as images, in high volumes. In addition, Huang and Liu developed the elliptic curve cryptography management scheme to facilitate operations among applied cryptographic mechanisms (Huang and Liu 115). However, the efficiency and quality of these electronic services are highly dependent on the construction of better-performing programs for the trusted party as well as the users (Huang and Liu 117).
Organizations governed by HIPAA should comply with its regulations and address their business needs realistically. Periodic refresher training for staff, regular updates, and monitoring of HIPAA statutes at both federal and state levels are key steps towards ensuring compliance. Additionally, regular review of an organization's HIPAA compliance program to assess its compatibility with HIPAA regulations and changing business needs also helps to ensure compliance. To enable them to comply and remain relevant within the statutes and policies of HIPAA, organizations should design and implement appropriate procedures, policies, and practices (Axzo Press and Supremus Group 2).
Organizations, especially those in healthcare provision, should organize training on HIPAA regulations for their staff. It is also vital for organizations to incorporate HIPAA recommendations in their structures. Adequate consultative forums between healthcare providers and the state should be held to ensure proper administration of HIPAA.
Works cited
Huang, Hui-Feng, and Kuo-Ching Liu. "Efficient key management for preserving HIPAA regulations." Journal of Systems and Software 84.1 (2011): 113-119.
Hu, Jiankun, Hsiao-Hwa Chen, and Ting-Wei Hou. "A hybrid public key infrastructure solution (HPKI) for HIPAA privacy/security regulations." Computer Standards & Interfaces 32.5 (2010): 274-280.
Axzo Press, Supremus Group. "HIPAA Training and Certification: Job-Role-Based Compliance + Certblaster & CBT (Instructor's Edition)." LA, Supremus Group LLC: 2008. Print.