Contact Us Today!   314.394.3001   |   info@andersontech.com
Anderson Technologies
  • Home
  • Services
    • Overview
    • Managed IT Services
    • Cyber Security
    • System Administration
    • HIPAA Compliance Services
    • Ransomware Protection
    • Hardware & Software Consulting
    • Cloud Computing Services
    • Web Design
    • Anderson Archival
  • Industries
    • IT Support for Accountants
    • IT Support for Dental Offices
    • IT Support for Financial Services
    • IT Support for Architects and Engineers
    • IT Support for Manufacturing
    • IT Support for Nonprofits
  • Learn
    • What Are the Biggest Mobile Security Threats of 2020?
    • What Are Mobile Security Best Practices?
    • Battle of the Brands: Microsoft’s Office 365 vs. Google’s Workspace
    • What Does a Firewall Do for a Network?
    • How to Maintain Security When Employees Work Remotely
    • How to Protect Your Data from Ransomware
    • Comparing Mobile OS
    • What Is Phishing?
    • How to Identify Phishing and BEC Scam Emails
    • What Is MFA And Why Do I Need It?
    • How to Reduce Risk and Secure Your Internet of Things Devices
  • Training
  • Resources
    • Free Ebooks
    • Webinar: Cyber Security at Home: Protecting Your Business & Family
    • Newsletter Sign Up
  • About
    • About Us
    • What Our Clients Have To Say
    • Careers
  • Press
  • Blog
  • Contact
    • Contact Us
    • Free Consultation
    • HIPAA Services Inquiry
  • Help
  • Menu Menu

Get Hip to HIPAA!

October 19, 2018/in Data Security, How To /by Marcia Spicer

Even if you’ve never worked in the healthcare industry, you’ve probably heard of HIPAA. An appointment to get your teeth cleaned comes complete with a slew of forms that include your rights according to HIPAA.

But can you explain what HIPAA is and why that form is necessary? We often sign and date and move on, knowing it relates vaguely to what our care provider can do with our private health information.

HIPAA includes a lot more than you may realize, and if you work with Protected Health Information (PHI), especially electronic Protected Health Information (ePHI), understanding HIPAA is crucial. This article is the first in a series discussing what HIPAA is, understanding the Privacy and Security Rules, and analyzing HIPAA compliance standards.

What Does HIPAA Stand for?

If you’re not exceptionally familiar with this acronym, you may think it stands for the Health Information Privacy and Accountability Act. That seems reasonable given how the everyday person is exposed to it. In fact, it stands for the Health Insurance Portability and Accountability Act.

That doesn’t sound so familiar, does it? HIPAA was enacted in 1996 not with the intent to protect people’s privacy, but instead to regulate and simplify the health insurance industry. According to the official HIPAA language, the objective of this government regulation is:

To amend the Internal Revenue Code of 1986 to improve portability and continuity of health insurance coverage in the group and individual markets, to combat waste, fraud, and abuse in health insurance and health care delivery, to promote the use of medical savings accounts, to improve access to long-term care services and coverage, to simplify the administration of health insurance, and for other purposes.

Essentially, Congress wanted to make health insurance cheaper and simpler by reducing administrative costs and creating a standard method that everyone related to the health insurance industry could adopt. So where does all this privacy and security regulation come into play? The requirement “to simplify the administration of health insurance” triggered everything.

In the Administrative Simplification section of HIPAA, the Act requires that the rights of individuals relating to the use and disclosure of their health information be clearly explained and that standards are set for the electronic exchange of health information. These two subsections, privacy and safeguards, would later be addressed in what is now referred to as the Privacy Rule and the Security Rule.

The Privacy Rule

The Privacy Rule went into effect in 2000 and has been amended several times. It lays out the standards and guidelines for how PHI in all forms—verbal, physical, or electronic—can be used and disclosed. The Privacy Rule is the reason you know the acronym HIPAA at all.

Thanks to the Privacy Rule, health care providers, insurance companies, and their business partners must follow the same rules regarding health information. Individuals have the same right to access and the same expectation of privacy from all entities according to the guidelines in the Privacy Rule. PHI can include:

  • identifiable personal information,
  • any medical or mental health condition diagnosed during the lifetime of the individual,
  • any treatment or procedure performed in the lifetime of the individual,
  • payment information relating to health care,
  • and any identifiable or medical information that the individual wants restricted.

The Privacy Rule is also the reason you must sign that form stating you understand your rights according to HIPAA. Being informed that you have the right to privacy is part of your legal rights. There are exceptions to these rules, such as life-threatening emergencies, court orders, and release of information authorizations, but all are directly addressed and specified within the rule.

Ultimately, the HIPAA Privacy Rule sets the standard for each patient’s right to privacy regarding their PHI. Thanks to the Privacy Rule, PHI is automatically considered confidential in almost all circumstances, and it also explains under what circumstances PHI may be shared.

The Security Rule

The Security Rule is a little different. It first went into effect in 2003 and, unlike the Privacy Rule, relates only to ePHI. The Security Rule established the safeguard standards everyone dealing with ePHI must follow to be HIPAA compliant. Compliance means all ePHI is stored, processed, and transferred in a way that ensures patient privacy. While it doesn’t dictate specific implementation steps, since each company’s use and needs around ePHI is different, anyone dealing with ePHI must address each specification.

HIPAA began as a way to simplify health insurance procedures and make those handling health information more accountable to every citizen’s rights about their private health information, and its effects have been far-reaching. For anyone dealing with PHI, the requirements can appear daunting at first, but with a trusted IT partner, HIPAA compliance means any and all health information will be safe in your hands.

Look for our next HIPAA article, which will discuss the Security Rule in more detail. Until then, you can contact Anderson Technologies’ expert consultants for help navigating HIPAA compliance by calling 314.394.3001 or emailing info@andersontech.com.

Contact Us

Tags: guide, hipaa, how-to
Share this entry
  • Share on Facebook
  • Share on Twitter
  • Share on WhatsApp
  • Share on Pinterest
  • Share on LinkedIn
  • Share on Tumblr
  • Share on Reddit
  • Share by Mail
You might also like
HIPAA Part 6: Plan for the Worst
HIPAA Part 2: Diving Deep into the Security Rule
Can you recover deleted files? Hands Off the Keyboard! How Managed IT Can Recover Your Deleted Files
Password Safety Cyber Security Change Your Passwords: Follow the Best New Policies
HIPAA Part 5: The Cycle of Risk
hipaa documentation HIPAA Part 3: Document! Document! Document!

Newsletter Signup



Recent Posts

  • 5 Tips for Security-Conscious Zooming
  • Byte-Size Tech: Employee Training Can Make Or Break Your Cybersecurity
  • Byte-Size Tech: Managed IT Firm Stopped Ransomware Attack In Progress
  • Learn: Battle of the Brands: Microsoft’s Office 365 vs. Google’s Workspace
  • Opting Out: Keeping Your Personal Data Private

Seeking IT support and managed services?
Get a free consultation today.

Contact Us

  • Home
  • Services
  • Resources
  • About
  • Blog
  • Contact
  • Help
  • Privacy Policy
ATI Logo
Phone: 314.394.3001
Email: info@andersontech.com

13523 Barrett Parkway Dr
Suite 120
St. Louis, MO 63021



© - Anderson Technologies
  • Home
  • Services
  • Resources
  • About
  • Blog
  • Contact
  • Help
  • Privacy Policy
Are You Ready to Go Phishing? Pink phishing lure 5 Tasks to Tackle: Prep Your Business for 2019
Scroll to top
We use cookies to understand how you use our site. Click Accept to confirm your approval of this, or learn more in our Privacy Policy. Accept Privacy Policy
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

SAVE & ACCEPT