3. The Health Insurance
Portability and Accountability
Act (HIPAA), was signed into
law on August 21, 1996 and
went into effect in April 2003.
HIPAA requires all health care
providers to have patient
consent for access to their
medical records or
information.
4. Regulatory Compliance has to do
with policies and procedures that
are used to make sure
laws, rules, and regulation that
direct hospitals are followed or
complied with. This also includes
all staff are aware of, properly
trained, and comply with
appropriate laws and regulations
such as following the HIPAA
compliance regulations.
5. Centers for Medicare and Medicaid
Services (CMS), JCAHO, state
laws, HIPAA, and EMTALA are just
some of the examples of regulatory
requirement and standards that
health care agencies must be in
compliance with. With Medicare
conditions of practice, certain
conditions must be met by the
hospital in order for them to
participate with the program.
6. The risk management area is another
important entity that should make sure
and monitor that hospitals are in
compliance with HIPAA regulations. HIPPA
and confidentiality of patient information
also hits the back office of organizations
and medical facilities, because most
claims today are submitted electronically
to payers and must now be consistent
with HIPAA provisions that direct
electronic data interchange submissions
appropriately.
7. HIPAA has established patients’
rights related to
access, authorization, and release
of medical records and must be
made available to patients by
healthcare entities. Most
institutions have this readily
available for patients and require a
signature that the patients
understands his/her privacy rights
8. Compliance with HIPAA’s privacy
and security rulings create a good
portion of challenges for electronic
health record information systems
specialists especially with linking
these systems. Many use audit
processes to help make sure they
are maintaining appropriate
security measures.
9. Al healthcare organizations and medical
facilities should incorporate training for all
new employees and re-training and
updates for all current employees, in
reference to HIPAA rules and regulations
and compliance with these regulations.
Violations to these regulations should also
be discussed and what actions will be
taken for any healthcare employee who
violates a patients privacy under these
guidelines.
10. Training can be effective for all employees
by utilizing a clear and well defined
presentation such a power point or
utilizing online modules. With online
learning, testing can be included after
each module and a certificate printed out
after the course is completed with the
date. Yearly training utilizing this method
allows health care workers to update their
knowledge at a time that is convenient for
them and gives them flexibility of required
learning.
11. References
Kongstvedt, P.R. (2007). Essentials of managed health care (5th ed.). MA:
Jones and Bartlett Publishers.
Lund, J. (2005). ERISA enforcement of the HIPAA privacy rules. The University
of Chicago Law Review, 72(4), 1413-1443. Retrieved from
http://search.proquest.com/docview/214788181?accountid=32521
Tan, J. K. H. (2010). Adaptive Health Management Information Systems (3rd
ed.). Sudbury: Jones and Bartlett. ISBN: 9780763756918
