3. Confidentiality
HIPAA
Ethics
Employee Responsibility
Employee Monitoring
Consequences for a violation of privacy
4. The Health Insurance
Portability and
CONTENT Accountability Act of 1996
EMR SYSTEMS
(HIPAA), Public Law 104-
191, was enacted on August
21, 1996.
Sections 261 through 264 of
HIPAA require the Secretary
of HHS to publicize
standards for the electronic
exchange, privacy and
security of health
information.
5. HIPAA required the Secretary to issue privacy regulations governing
individually identifiable health information, if Congress did not enact privacy
legislation within three years of the passage of HIPAA.
Because Congress did not enact privacy legislation, HHS developed a proposed
rule and released it for public comment on November 3, 1999.
The Department received over 52,000 public comments. The final regulation, the
Privacy Rule, was published December 28, 2000.2
In March 2002, the Department proposed and released for public comment
modifications to the Privacy Rule. The Department received over 11,000
comments. The final modifications were published in final form on August 14,
2002.3
6. WHAT IS HIPAA? WHO IS COVERED?
Health Insurance &
Accountability Act of 1996
All hospitals, physician offices,
insurance providers, employers,
Title I of the HIPAA act protects medical billing agencies, and of
insurance coverage for certain course patients.
types of people
Title II of the HIPAA act is the
part that deals with privacy
standards for medical
information
7. Ensure that patient information is kept secure and not
visible or disclosed without proper consent
Allow patients full access to their medical records
Give patients and other medical personnel education
on HIPAA privacy policies when needed
Give patients the right to protect their medical records
Notify patients of access to their medical records
Provide a formal complaint process for patients and
refer them to the HIPAA compliance office