Hit enter to search or ESC to close
This put up is a part of a collection sponsored by AgentSync.
The Well being Insurance coverage Portability and Accountability Act of 1996 (HIPAA) could also be one of the vital generally referenced medical health insurance legal guidelines, not simply by insurance coverage professionals, however within the on a regular basis lives of most People. Study a bit extra about what it’s, what it does (and doesn’t do), and the way it impacts the insurance coverage trade.
Fast! Title a healthcare regulation that everybody is aware of of, however nobody actually is aware of. When you guessed HIPAA, congratulations, you win! For on a regular basis residents, HIPAA references pop up at every physician’s workplace go to and, extra just lately, if a enterprise dares to require proof of COVID-19 vaccine standing for entry or service. Extra on that later, however spoiler alert: A enterprise requiring proof of vaccination to enter, or present providers, doesn’t violate HIPAA.
You’d be laborious pressed to search out an American grownup who hasn’t heard of HIPAA, or who doesn’t understand it has one thing to do with medical privateness. However the collective information of this 500-page healthcare regulation ends there. And for most individuals, that’s OK. However when you work in insurance coverage, you is likely to be one of many few who really wants to know HIPAA extra than simply superficially. Then once more, HIPAA is so particular to medical health insurance and well being info that it doesn’t apply universally throughout the insurance coverage world, both.
Actually, it’s the Well being Insurance coverage Portability and Accountability Act of 1996. This regulation, signed in 1996 by President Clinton, was the primary regulation to deal with the privateness of well being and healthcare info. Although digital medical data barely existed in 1996, HIPAA was forward-thinking and included references to digitization within the medical and medical health insurance discipline that wouldn’t come for years.
HIPAA gave U.S. residents the proper to anticipate some extent of privateness surrounding that info, notably in relation to medical health insurance. It additionally gave us the proper to entry our personal well being info, even when that’s simpler stated than finished more often than not.
A big a part of the whole HIPAA regulation is what’s often known as the HIPAA Privateness Rule. In response to the CDC’s web site, “The Privateness Rule requirements tackle the use and disclosure of people’ well being info (often known as “protected well being info”) by entities topic to the Privateness Rule. These people and organizations are referred to as “coated entities.” The Privateness Rule additionally incorporates requirements for people’ rights to know and management how their well being info is used.”
In plain English:
Merely put, HIPAA required the creation of nationwide requirements to guard delicate affected person well being info from being disclosed with out the affected person’s consent or information. The regulation gave accountability for enforcement to the Division of Well being and Human Companies (HHS)’s Workplace for Civil Rights.
HIPAA additionally laid out legitimate causes for when protected well being info utilized by any coated entity could also be shared or disclosed. The ultimate regulation was over 500 pages, so that is clearly, and essentially, a really abridged model of the regulation! When you’re an even bigger insurance coverage nerd than we’re, you’re welcome to learn the complete textual content of the regulation right here!
Additionally, if HIPAA is central or tangential to your work, consider it is a condensed overview, not authorized steering or due diligence. When you want authorized recommendation, seek the advice of an lawyer.
The brief reply is, “rather a lot.” As you’ve discovered by now, HIPAA applies to a really particular set of coated entities. A restaurant or bar shouldn’t be a coated entity. An airline shouldn’t be a coated entity. Thus, personal companies that ask patrons to reveal their COVID-19 vaccination standing as a way to enter or to be served usually are not topic to HIPAA and usually are not in violation of it.
As well as HIPAA additionally doesn’t cowl:
HIPAA created normal definitions for sorts of companies and entities which can be topic to its privateness rule. These embody:
That’s mainly it. So once more, your uncle shouldn’t be topic to HIPAA at a household dinner. Your neighbor’s bar or restaurant can be not topic to HIPAA. Your native grocery retailer, movie show, and place of employment (more than likely!) usually are not topic to HIPAA.
If, and provided that, you’re one of many above entities or a “enterprise affiliate” of 1, are you and your organization required to adjust to HIPAA.
Affected person privateness is one thing most of us would agree is a crucial proper. Previous to 1996, nevertheless, this wasn’t essentially the case. It definitely wasn’t assured or legally enforced.
Despite the fact that 1996 is hardly what we consider as “the digital age” today, HIPAA was really forward-thinking for its time. It launched some essential ideas that will be key because the trade moved from paper data to digital well being data.
HIPAA standardized how well being information have to be collected and guarded, and enforced a nationally acknowledged set of codes and identifiers. Very like the transfer to structured information in different industries, HIPAA necessities assisted the healthcare trade in shifting towards a digital future the place well being info is shared between sufferers, docs, clinics, insurance coverage firms, and different entities each day with an emphasis on privateness.
For sufferers, HIPAA is especially important. All of the extra in order medical data have moved into the digital age, making them topic to info safety breaches. Previous to the enactment of HIPAA, it’s possible that “coated entities” weren’t usually deliberately exposing private affected person info in unscrupulous methods, however there was no assure (nor have been there government-enforced penalties).
HIPAA was the primary regulation of its sort to create guidelines surrounding the storage and sharing of non-public well being info. It mandated a strict normal of data safety controls for any organizations coping with such info. Plus, with legal guidelines in place, there are precise penalties for noncompliance.
HIPAA additionally empowered sufferers to take extra management over their healthcare by permitting them to entry their data for the aim of being extra knowledgeable about diagnoses and coverings, in search of further medical enter from completely different suppliers, and even checking their data for errors. Earlier than HIPAA, healthcare organizations and medical health insurance firms weren’t required to adjust to any affected person’s request to entry their very own medical data.
For a lot of property and casualty insurance coverage carriers, brokers, brokers, and different insurance coverage companies, it actually doesn’t. For the overwhelming majority of the insurance coverage trade – those that don’t take care of life, well being, accident, incapacity, or associated merchandise – HIPAA doesn’t apply.
For these producers who’re dually licensed, for insurance coverage carriers that deal in well being and life, and for any insurance coverage professionals who come into contact with protected well being info in the middle of doing enterprise, HIPAA is a priority and a regulation that requires compliance.
HIPAA may influence employers who sponsor medical health insurance protection for his or her staff. This implies it’s one thing worker profit brokers have to additionally take note of and alert their shoppers about.
Within the quarter century since HIPAA was first signed into regulation, it’s develop into a reasonably family title (as healthcare legal guidelines go!) however that doesn’t imply it’s easy or simple to know. When you’re within the medical health insurance enterprise, HIPAA is only one of many insurance coverage trade rules you need to take note of and remember to adjust to. And you must get skilled counsel in doing so.
Whereas AgentSync can’t allow you to there, we are able to positively preserve compliance on observe to your non-HIPAA wants, equivalent to producer onboarding and lifecycle administration. See AgentSync in motion at the moment.
About the author
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.