ppn…aids healthcare industry with HIPAA and privacy compliance!

The Federal government passed, and has issued regulations which implement, the Health Insurance Portability and Accountability Act (HIPAA) of 1996, Public Law 104-191. The Act addresses many topics, some of which focus on the protection of a patient’s medical records and health-related information, including identity information. Many of the regulations relating to HIPAA define requirements which specify the need for all parties who receive, share or distribute healthcare information in electronic format to assure that the information is not compromised during data transfer or data sharing activities.

In order to administer HIPAA, the Department of Health and Human Services, other Federal agencies, State healthcare agencies, private health plans, health care providers, and health care clearinghouses must assure their customers (such as patients, insured, providers, and health care plans) that the confidentiality and privacy of health care information they electronically collect, maintain, use, or transmit is secure. Security of health information is especially important when health information can be directly linked to an individual.

 

 

Confidentiality is threatened not only by the risk of improper access to electronically stored information, but also by the risk of interception or compromise during electronic transmission of the information. Electronic transmissions include transactions using all media, even when the information is physically moved from one location to another using magnetic tape, disk, CD, DVD, flash memory or other electronic storage media. Transmissions over the Internet, leased lines, dial-up lines, and private networks are all included.

…we propose a standard for security of health information. This rule would establish that health plans, health care clearinghouses, and health care providers must have the security standard in place to comply with the statutory requirement that health care information and individually identifiable health care information be protected to ensure privacy and confidentiality when health information is electronically stored, maintained, or transmitted.

…The security provisions of Section 262 of HIPAA apply to any health plan, any health care clearinghouse, and any health care provider that electronically maintains or transmits any health information relating to an individual.

Section 1177 of the Act establishes penalties for a knowing misuse of unique health identifiers and individually identifiable health information: (1) A fine of not more than $50,000 and/or imprisonment of not more than 1 year; (2) if misuse is "under false pretenses," a fine of not more than $100,000 and/or imprisonment of not more than 5 years; and (3) if misuse is with intent to sell, transfer, or use individually identifiable health information for commercial advantage, personal gain, or malicious harm, a fine of not more than $250,000 and/or imprisonment of not more than 10 years. Note that these penalties do not affect any other penalties which may be imposed by other Federal programs, including ERISA, or any state penalties or civil liabilities.

ppn provides every Federal agency, state agency and public and private healthcare office, clinic, care center, hospital, organization and individual with the capability to securely transfer and share protected healthcare information, in encrypted format, between authorized parties in full compliance with HIPAA and other Federal, state and local privacy requirements.


 

 

Copyright 2002-2006 ACAP Security Inc., all rights reserved