HIPAA Privacy – 5 Things You Should Know About Enforcement
The Health Insurance Portability and Accountability Act (HIPAA), as the name suggests, has a set of portability rules that ensure a person continues to get insurance cover under a host of circumstances, whereas the accountability and privacy rules ensure that a patient's protected health information (PHI) is safeguarded through different measures. Even with extensive HIPAA laws in place, violations do take place, which is why a corresponding set of laws to penalize the violators has been introduced.
The following points explain how HIPAA's many laws are enforced.
– The Protected Information: The HIPAA Privacy Rules protect all patient information contained in the PHI that is connected to physical as well as mental health and that leads to the identification of the particular individual. Note, however, that the rules do not cover those sections of the data which do not identify the patient.
– Parties Falling Under the Rule: The HIPAA Privacy Rules have to be followed by those parties who have access to PHI and transact it for approved purposes. Groups who have to follow the laws include health care providers (hospitals, nursing homes, clinics, pharmacies, doctors, dentists and nurses), health insurance companies and health care clearinghouses. All these parties, referred to as covered entities, have to follow the HIPAA Privacy Rules and are liable for penalties in case of violations.
– Enforcement Body: The U.S. Department of Health and Human Services enforces the HIPAA Privacy Rules through the Office for Civil Rights (OCR). The OCR has a predefined procedure which is followed to investigate and enforce the law.
– Working of OCR: A breach of HIPAA's compliance requirements may come to light in two ways: either the OCR comes across an instance of non-compliance during its inspection of covered entities, or it receives a complaint. On receiving a complaint, the OCR will first ensure that it was received within 180 days of the violation, and only then will it proceed. The OCR then conducts an investigation to find out whether a violation has indeed taken place and which individuals or parties are responsible for it; it might seek information from the covered entities as well as the complainant during the investigation. If the OCR finds certain criminal violations, it may refer the matter to the Department of Justice (DOJ) for further action. For other issues, it might ask the entity to rectify the breach within thirty days; only if the entity still does not comply can a penalty be imposed by the OCR.
– Penalties: HIPAA laws prescribe civil and criminal penalties ranging from $100 to $250,000 and a prison term of up to ten years. However, these penalties depend on the seriousness of the particular case and on whether the violation was committed knowingly, repeatedly or unknowingly.
Remember that the HIPAA laws do not provide a private cause of action; however, you may invoke such rights as per the laws in your particular state.
For more information, please visit our HIPAA privacy website http://www.hipaaprivacyrule.com