Information about http://layerone.info/archives/2006/Hacking_the_Regs-LayerOne-Meee.pdf
HIPAA Overview HIPAA Timeline August 21, 1996 President Clinton…
Tags: administrative simplification provisions, asca, cancer care, compliance act, compliance plan, electronic health care, health care transactions, health insurance coverage, health insurance plans, health insurance portability, health insurance portability and accountability, health insurance portability and accountability act, health insurance portability and accountability act hipaa, law case, medical privacy law, national identifiers, president bush signs, privacy provision, privacy rules, seattle cancer care alliance,Pages: 9
Language: english
Created: Fri May 12 11:22:46 2006
Display cached document
Page 1
Page 2
Page 3
Page 4
Page 5
Page 6
Page 7
Page 8
Page 9
HIPAA Overview
HIPAA Timeline
August 21, 1996 President Clinton signed the Health Care Portability and
Portability
Accountability Act, (HIPAA), into law, [H.R.3103]
December 27, 2001 President Bush signs the Administrative
Simplification Compliance Act, (ASCA or H.R.3323) into law.
October 16, 2002 Covered entities must begin to implement the
Transaction and Code Set unless they filed for an extension.
Feb 20, 2003
Security Standards were adopted
Final Rules pertaining to adopting changes to the HIPAA Electronic
Transactions and Code Set Standards is published.
April 14, 2003 HIPAA Privacy Rules to be adopted by all covered entities.
April 16, 2003 Entities must implement their compliance plan in order to
receive an extension
October 16, 2003 All Entities must comply with Transaction and code set
law.
July 30, 2003 All Entities covered shall have an EIN
April 20, 2005 All covered Entities must implement the Security Rule
Standard.
HIPAA was suppose to
make things simpler.
Title I:
Title I of HIPAA protects health insurance coverage
for workers and their families when they change or
lose their jobs.
Title II:
Title II of HIPAA, the Administrative Simplification
provisions, requires the establishment of national
standards for electronic health care transactions
and national identifiers for providers, health
insurance plans, and employers.
HIPAA
What it brought us
Privacy Provision was initially 337 Words
Current Legislation over 101,000 words.
Confusion
Costs
Paranoia
HIPAA as law
Case study
Richard W. Gibson, who worked at the
Seattle Cancer Care Alliance, had been
sentenced in November to 16 months in
federal prison for violating a medical-privacy
law known as the Health Insurance
Portability and Accountability Act (HIPAA). It
was the first conviction nationwide under the
law, which took effect in 2003.
HIPAA Interpretation
of law
Justice Department ruled that most health-care
employees can't be prosecuted for stealing
personal data under the HIPAA law. The ruling
could stop federal prosecutors from pursuing
some of the more than 13,000 complaints that
have been filed alleging violations of those
rules.
The case can be challenged by the defense.
*Seattle Times
HIPAA Security Rule
Protect against any reasonable threats or hazards to
the security or integrity of such information
Protect against any reasonably anticipated uses or
disclosures not permitted
Ensure the confidentiality, integrity, and availability of
all electronic patient healthcare information.
Consistency and compatibility across covered entities
Ensure workforce compliance
Cost effective
Unambiguous
Predictable
HIPAA Security Rules
Covers items not otherwise covered in
the Privacy rule.
Access of Data
Encryption of Data
Communications of Data
HIPAA Security Rule
Access
Auditing of user access to patient
information
Communication of data
Data that is transmitted that contains Health
care provider information in regards to
patient care
Subject to exploitation
Faxing
Telephone