HIPAA: Securing Protected Health Information
Overview/Description
Congress designed the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Administrative Simplification Rules to make it easier for healthcare providers, insurance companies, and information clearinghouses to provide adequate care for patients. By using a single set of standards for exchanging electronic data, healthcare organizations can send and receive health information more quickly and at a lower cost.
However, standardizing the electronic "language" of healthcare data creates a threat to a patient's privacy rights. The law includes specific safeguards for patients' health information. The law that establishes these rules does not place any specific requirements on employers. However, many employers sponsor healthcare insurance plans for employees and share protected health information about employees with organizations covered by the new rules.
Employers must protect themselves against liability under the new rules by ensuring the confidentiality, integrity, and availability of electronic protected health information it holds about employees. Companies must protect against reasonably anticipated threats to the security or integrity of health information and guard against uses or disclosures of protected information that are not allowed under the law.
This course describes precautions employers should take when complying with HIPAA Administrative Simplification rules. The course explores specific standards set within HIPAA rules and legally-mandated implementation standards as well as areas where the law allows flexibility in adopting the new rules.
Target
Audience
The courses in this series cover a variety of subject areas that affect all employees, with an emphasis on management and human resource personnel who need to understand and implement compliance policies.
Administrative Safeguards for Data Security
Protecting Data
Course Number: HR0194