›› What is expected from HIPAA compliance?

All rules and regulations made under The Health Insurance Portability and Accountability Act of 1996 (HIPAA) are available online on the Internet. It is advisable to buy the latest updated and revised version of the HIPAA Regulatory manual which comes along with a CD-ROM for better understanding of the HIPAA laws.

The HIPAA specifically provides for procedures of seeking permission in writing from the patients for the purpose of disclosure of their private medical and health care data. HIPAA provides for a specific set of rules which are legally binding enabling the patient to access their own medical and health care information.

HIPAA makes it possible for people to file a written privacy-related complaint to the Department of Health and Human Services (HHS) Office for Civil Rights should they feel their PHI has been compromised. All the Covered entities are required to document their privacy related procedures, however, they have choice on what to include and what not to include in the privacy procedures. Covered entities must employ a designated privacy officer and give proper training their employees. Covered entities are allowed to use an individual's personal information even without the individual's written consent if is used for the purposes of providing treatment, or to obtain payment of  services provided  and to carry out  the non-treatment related operational work of the provider's own business.

 There are a lot of good legal firms and consultants who specialize in HIPAA. In case of any doubt you should consult one of these consulting firms to determine whether you are covered within the ambit of the HIPAA laws. If you indeed fall under the ambit of the HIPAA laws then you must learn what needs to be done to make your self HIPAA complaint and escape the penalties provided under the law as non-compliance can lead to severe penalties as provided for in the laws.