HIPAA Title II focuses on standardizing healthcare transactions and protecting private health information. It requires covered entities to use electronic transactions by October 2002 and comply with unique identifiers rules. These unique identifiers include an employer ID, National Provider Identifier (NPI), and proposed National Health Plan Identifier (NHI). The Privacy Rule aims to properly protect individuals' health information while allowing needed information sharing. It balances privacy protections with important data uses. The Security Rule ensures electronic protected health information is only available to authorized persons and maintains integrity and availability of the data.
HIPAA Regulations for Electronic Transactions, Privacy and Security
1. EmilyMarshall
HIPAA
HIPAA Tittle II
One of the primary areas of regulation is standardization of health care transactions.
Covered entities must be compliant with electronic transactions requirements by October 2002
(October 2003 if the covered entity has requested a one-year extension from the government or if
the covered entity is a small health plan). HIPAA requires every provider who does business
electronically to use the same health care transactions, code sets, and identifiers. Anthem has
filed for, and received, a one-year extension for compliance with the electronic transactions
requirements. Covered entities must be complaint with unique identifiers rules is published.
Unique identifiers rule has three unique identifiers: Standard unique employer identifier used on
an organization’s federal IRS Form W-2. This identifies an employer entity in HIPAA
transactions. Another one is National provider identifier (NPI) which is a unique 10-digit number
used for covered health-care providers in all HIPAA administrative and financial transactions.
The last but not least is national Health plan identifier (NHI), it is a centers of Medicare and
Medicaid services (CMS) proposed identifier to identify health plan and payers.
The second primary controls to protect health information regulations like your privacy
rule and security rule. The major goal of the Privacy Rule is to assure that individuals’ health
information is properly protected while allowing the flow of health information needed to
provide and promote high quality health care and to protect the public’s health and well-being.
The Rule strikes a balance that permits important uses of information, while protecting the
privacy of people who seek care and healing. The security rule means that e-PHI is not available
or disclosed to unauthorized persons. The security rule’s confidentiality requirements support the
privacy rule’s prohibitions against improper uses and disclosures of PHI. The security rule also
promotes the two additional goals of maintaining the integrity and availability of e-PHI. Under
the security rule, “integrity” means that e-PHI is not altered or destroyed in an unauthorized
manner. “Availability” means that e-PHI is accessible and usable on demand by an authorized
person.
http://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/
http://www.hhs.gov/sites/default/files/privacysummary.pdf
https://www.anthem.com/shared/noapplication/f3/s1/t0/pw_035866.pdf
https://www.cms.gov/Regulations-and-Guidance/HIPAA-Administrative-
Simplification/EventsandLatestNews/Downloads/HIPAA101-1.pdf