HIPAA Information
![]() 
The Health Insurance Portability and Accountability Act of 1996
(HIPAA) amended the IRS Code of 1986. The federal government enacted
HIPAA legislation to:
- ensure health insurance portability and continuity
- guarantee the
integrity and confidentiality of health information
- improve the
operations of health care systems
- reduce waste, fraud, and abuse
in health insurance and health care delivery
HIPAA is divided into three segments: Privacy, Transaction
Codes and Data Sets, and Security. Privacy
Department of Health and Human Services issued final Privacy Regulations
in August 2002 intended to secure Protected Health Information
(PHI) transmitted through Electronic Data Interchange (EDI). The
federal government requires full HIPAA compliance from all covered
entities by April 14, 2003. A Covered Entity is a health plan,
a health care clearinghouse, or a health care provider who transmits
health information electronically. All Business Associates must
also be HIPAA compliant with Privacy regulations by the effective
date. Business Associates perform health care operations involving
use/disclosure of PHI on behalf of Covered Entities.
OptiCare’s staff has been trained on HIPAA Privacy legislation
and its impact on daily operations. Policies and procedures are functional,
meeting HIPAA requirements, and OptiCare is fully
compliant with the HIPAA Privacy Rules.
Transaction and Code Sets
Transaction and code sets (TCS) are the standard transaction formats
and associated code sets mandated by HIPAA. OptiCare is working
currently on TCS and will be compliant by the deadline of October
16, 2003.
Security
OptiCare expects to be compliant with all HIPAA Security regulations
by the effective date in 2005. The federal government enacted security
legislation to:
- establish administrative procedures for PHI Integrity
- establish
physical safeguards for PHI
- establish technical security measures
(e.g., limited access)
- establish security measures for PHI transmitted
over a network
Existing security controls required under the
Privacy Rule are currently in place.
|
