Be Part of the Ultimate Safety & Compliance Community
Trending news, knowledge-building content, and more – all personalized to you!
The Health Insurance Portability and Accountability Act of 1996 (HIPAA, Public Law 104-191, which amends the Internal Revenue Service Code of 1986; also known as the Kennedy-Kassebaum Act) provides rights and protections for participants and beneficiaries in group health plans.
The Act affects all healthcare organizations, including all health care providers, health plans, employers, public health authorities, life insurers, clearinghouses, billing agencies, information systems vendors, service organizations, and universities. It is administered by The Employee Benefits Security Administration (EBSA).
HIPAA:
HIPAA may also give employees a right to purchase individual coverage if they have no group health plan coverage available, and have exhausted Consolidated Omnibus Budget Reconciliation Act (COBRA) or other continuation coverage.
HIPAA protects workers and their families by the following:
Special enrollment rights are provided for:
Discrimination prohibitions. Ensure that individuals are not excluded from coverage, or charged more for coverage offered by a plan or issuer, based on health status-related factors.
Disclosure requirements. Plans are required to:
Privacy. Title II of the Act includes a section, Administrative Simplification, requiring improved efficiency in healthcare delivery by standardizing electronic data interchange, and protection of confidentiality and security of health data. Compliance deadline for the privacy requirements was April 14, 2003. Employers are covered by the privacy rule when:
In general, privacy is about who has the right to access personally identifiable health information. The rule covers all individually identifiable health information in the hands of covered entities, regardless of whether the information is or has been in electronic form. Protected health information is that which identifies an individual’s physical or mental health condition, the health care that the individual has received, or payments for such care. In contrast, summary health information, which excludes individuals’ names and identifying information, may be disclosed to, and used by, employers—without consent—for certain functions such as obtaining bids for insurance coverage.
The privacy standards:
Some of the actions that employers may want to take include the following:
Authorizations allow additional, specific uses of health information beyond treatment, payment and health care operations to be released. Covered employers must provide notice of patient’s privacy rights and the privacy practices.
ERISA. HIPAA amended the Employee Retirement Income Security Act (ERISA) to provide for, among other things, improved portability and continuity of health insurance coverage provided in connection with employment. The HIPAA portability provisions relating to group health plans and health insurance coverage offered in connection with group health plans are set forth under a new Part 7 of Subtitle B of Title I of ERISA . These provisions include rules relating to preexisting conditions exclusions, special enrollment rights, and prohibition of discrimination against individuals based on health status-related factors.
The provisions of Title I of ERISA are administered by the U.S. Department of Labor. ERISA confers substantial law enforcement responsibilities on the Department. Part 5 of ERISA Title I gives the Department authority to bring a civil action to correct violations of the law, gives investigative authority to determine whether any person has violated Title I, and imposes criminal penalties on any person who willfully violates any provision of Part 1 of Title V.