Health Insurance Portability and Accountability Act of 1996 preceded the Internal Revenue Code of 1986 and was meant to improve portability and continuity of health insurance coverage for individual and group markets as well as combat waste, fraud, and possible abuse in health insurance and healthcare delivery. The law under Title II, subtitle F contains six parts that touches on information technology aspects.
Subtitle F is about administrative simplification and under section 261, it is stated that its purpose include improvement of Medicare program and promote efficiency and effectiveness of the healthcare system through development of health care information system using standards and requirements outlined under electronic transmission of medical records.
The paper will explore the most important parts of the law pertaining information technology.
The first component of the law is the standards for information transaction and data elements. Under this section, the Secretary shall adopt relevant standards for transaction and exchange of health information and data elements for such transactions. Transactions refer to health claims, attachments, enrolment and disenrollment information into a health plan, payment details and remittance, the status of health claims. Data elements form the basis of healthcare information systems. They define what is actually recorded in the system. Examples include the number of patients visiting a certain health facility at a certain period. A data element assigns a certain meaning to the table fields and is defined over a domain while a field is defined over an element. Under this section, the secretary will determine code sets for data elements for transmission of health information data. It will also adopt security standards that take into account secure, economical, and auditing requirements for both small and established health care providers.
Secondly, the law details the requirements and consequences of transaction processes carried out using information systems. The Secretary shall impose penalties for failure to comply with the requirements and standards. Wrongful disclosure of individually identifiable health information is an offense. The law prohibits knowingly and willing access, use and disclosure of individually identifiable health information details of another person. Under the act, a penalty of $50.000, imprisonment not more than one year, or both is applicable for such offences.
The law anticipates curbing cases of fraud, theft, appropriate reporting of healthcare delivery costs, and adherence to state regulation of insurance and health plans. Under section 1179, provides exceptions for handling, processing and disclosure of personal identifiable information. This applies in the cases of bill processing and payment through debit, credit, card, check, electronic funds transfer or any other desirable mode. It also provides for exemptions hen dealing with customer issues, auditing, and inquiries from customers, reporting and criminal or civil subpoena.
Finally, the last section provides recommendations for preservation privacy of certain health information systems. Patient privacy is of crave concern in health information systems. Under section 264, certain individuals have the right to access identifiable health information data. The section outlines the procedures for establishment of such rights as well as authorization authority for access, disclosure or use of such information. All these are executed to enhance information security in health care delivery. Information security is an essential practice that ensures the safety of information. Generally, information security is founded on three fundamental values; confidentiality, integrity and availability of healthcare information and data. In order to ensure to ensure the safety of information from unauthorized access, modification, misuse and corruption, safety practices are necessary.
References
Kiel, J. M. (2006). H. I. P. A. A. Lulu.com.
Sullivan, J. M. (2004). HIPAA: A Practical Guide to the Privacy and Security of Health Data. American Bar Association.
Wu, S. S. (2007). Guide to HIPAA Security and the Law. American Bar Association.