›› HIPAA – Introduction

 The U.S. Congress enacted the Health Insurance Portability and Accountability Act in the year 1996 commonly known as HIPAA.  Part I of HIPAA provided for health insurance cover for workers among with their families whenever they change or loose their jobs. Title II of HIPAA, contains the Administrative Simplification (AS) provisions, which require the founding of national standards for electronic health care transactions and provision of national identifiers for providers, control over health insurance plans, and control on the employers. The AS provisions also deals with the privacy and security of health data. The requirement of all these standards is only to improve the effectiveness and efficiency of the country's health care system by forcing the users to adopt the use of electronic data interchange (EDI) in health care.

The Administrative Simplification provisions are mandatorily applicable to the ‘covered entities’. Covered entities mean and include all are those doctors offices and hospitals who use electronic transactions (EDI) as per the provisions of the HIPAA/EDI rules, health insurance companies providing health plans and employers who sponsor ‘group health plans’, and all so clearing housed engaged in health care claim settlements.

Application of HIPAA Provisions
HIPAA compliance can be achieved by considering and following certain key provisions. All the patients must be able to access their medical records and if required request any correction of errors. All patients must be informed about the usage of their personal information.  Some of the patient’s personal information has been categorized as ‘protected health information’ (PHI) which is forbidden to be used for marketing purposes except with the written permission of the patients concerned. Patients must be able to questions their covered entities who maintain their personal medical records and their PHI, how they ensure that all their communications in respect of the patient are kept confidential.