Research HIPAA. Why was it implemented? Who has the responsibility for its oversight? Who/what does it regulate? What are some of the details in the regulation not discussed in the textbook? Also address who this regulation covers.
Requirement: a two-paragraph (250-word) response with 2 peer-reviewed article citations
Details about HIPAA from textbook:
Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act (HIPAA) became law in 1996. The law protects a person's privacy. If you handle someone's health records, you must adhere to HIPAA. This includes doctor's offices, hospitals, clinics, and insurance companies. The law recognizes that digital data exchange of health records, such as between insurance companies and doctor's offices, is a necessity. But in 2013 new restrictions were placed on access to health records by subcontractors and vendors. The law wants to make sure that patient privacy is maintained.
The HIPAA law defines someone's health record as protected health information (PHI). The term PHI refers to both digital and physical paper copies of health records. Electronic PHI (EPHI) refers to just the electronic form of PHI records. HIPAA establishes privacy rules that outline how EPHI can be collected, processed, and disclosed. There are significant penalties for violating these rules. In 2013 these fines were increased to a maximum $1.5 million per violation. This regulation applies to any covered entity that manages health records, including:
For your security policies to be HIPAA-compliant, they must include the following key control requirements: