|
|
| Line 1: |
Line 1: |
| __NOTOC__
| | #REDIRECT [[LII:HIPAA Compliance: An Introduction]] |
| ==Introduction==
| |
| [[File:Hipaa compliance.png|left|260px]]In the medical/healthcare industry there are two overriding regulatory compliance considerations: [[Clinical Laboratory Improvement Amendments|CLIA]] and [[Health Insurance Portability and Accountability Act|HIPAA]]. CLIA is the set of Clinical Laboratory Improvement Amendments of 1988, which are United States federal regulatory standards that apply to all clinical laboratory testing performed on humans in the United States, except clinical trials and basic research.<ref name="42.5.495">{{cite web |url=http://www.ecfr.gov/cgi-bin/text-idx?node=pt42.5.493 |title=Title 42, Chapter IV, Subchapter G, Part 493 |publisher=U.S. Government Publishing Office |accessdate=15 June 2016}}</ref> This course is about The Health Insurance Portability and Accountability Act of 1996, enacted by the United States Congress and signed into law in 1996.<ref name="104-191">{{cite web |url=https://www.gpo.gov/fdsys/pkg/PLAW-104publ191/content-detail.html |title=Public Law 104 - 191 - Health Insurance Portability And Accountability Act of 1996 |publisher=U.S. Government Publishing Office |accessdate=15 June 2016}}</ref>
| |
| | |
| Whereas CLIA has to do with standards in clinical testing, HIPAA is concerned with protecting patients’ personal information – rigorously and effectively. It applies to all who are involved in patient personal information, including contractors and other business associates.
| |
| {{clear}}
| |
| ==Privacy and security==
| |
| There are two main areas of HIPAA regulations and standards: privacy and security. Both apply to all covered entities (we’ll define those in [[LII:HIPAA Compliance - LII 007 02. Who Needs to Comply?|Lesson 2]]) and are related, but have slightly different emphases.
| |
| | |
| * HIPAA privacy (the Privacy Rule): This concentrates on the patient's right to privacy regarding their personal information and health records, and what covered entities must do to support that. It also includes their right to access those data.
| |
| | |
| * HIPAA security (the Security Rule): This portion of HIPAA focuses on the requirements for covered entities to protect patient data, including administrative, physical and technical ways and means.
| |
| | |
| ==Government oversight==
| |
| [[File:HHS Bldg 800 px.jpg|right|300 px]]When laws are made, the responsibility to make affected parties aware of their obligations and how to meet them — and to monitor, enforce and punish offenders — is often allocated to a particular body. In the case of HIPAA, the federal [[United States Department of Health and Human Services|Health and Human Services department]] (HHS) is that body. Within the HHS, the Office for Civil Rights (OCR) ensures equal access to certain health and human services and protects the privacy and security of health information. Additionally, the [[Centers for Disease Control and Prevention|Centers for Disease Control and Prevention]] (CDC) and other HHS agencies provide guidance and materials.
| |
| | |
| ==More==
| |
| Further information about HIPAA and its history, etc. can be found on the LIMSwiki [[Health Insurance Portability and Accountability Act|HIPAA]] page.
| |
| | |
| ==References==
| |
| <references />
| |
| | |
| <!---Place all category tags here-->
| |
| [[Category:LabCourses material (all)]]
| |
| [[Category:LabCourses material on regulations and standards]]
| |
