What's HIPAA Compliance?

The definition of HIPAA compliance is as straightforward as "obeying HHS legislation to protect Protected Health Information (PHI) from leaks." That is a simple statement, but being compliant requires organizations to follow every standard in three or more major "Rules." To make the task even harder, some of those Rules run over 500 pages each.

HIPAA, the Health Insurance Portability and Accountability Act, governs the use and handling of individual PHI.

This guide will not by itself make you HIPAA compliant. It will direct you toward compliance with a plain-English list of all 71 action items under each of the major Rules.

To be fully compliant, it is essential to read the Rules themselves. We have provided links to each at the end of every section. However, the language in them can be dense and legalistic. This guide, by contrast, will help you understand the Rules faster.

Further, it is important that staff be trained in HIPAA compliance. Ready to take that step?

Who Has To Be Compliant?

All of the HIPAA compliance standards in this guide apply to "covered entities": in other words, businesses and other organizations that use PHI (Protected Health Information). Covered entities include:

  • Private Practices
  • Clinics
  • Dentists
  • Psychologists
  • Nursing Homes
  • Chiropractors
  • Pharmacies
  • Health Plans
  • Clearinghouses

Business Associates of covered entities also have to be compliant. A business associate is any organization that helps a covered entity carry out its healthcare functions.

How to Become HIPAA Compliant

To be HIPAA compliant, a covered entity must follow each of the major HHS compliance rules. These govern Protected Health Information in physical and electronic form. They also control how employees and facilities interact with this information, and what to do in the event of a breach. Finally, some of the rules update earlier versions or set penalties for violations.

What Rules Should I Follow?

HIPAA compliance is determined by following the regulations in the following three standards. They are not brief, finite rules such as "Do not share PHI" or "Place all sharps in the red biohazard containers." They are long legal documents from HHS, like the instructions that accompany IRS tax forms. The major compliance rules to follow are:

  • The Privacy Rule
  • The Security Rule
  • The Breach Notification Rule

There is also an Omnibus Rule, an Enforcement Rule, the HITECH Act, and standards governing HIPAA transactions. The remainder of this guide brings together 71 key action items from these rules combined.

The HIPAA Compliance Checklist

The checklist below provides action items for the HIPAA Privacy, Security, and Breach Notification Rules, and for other compliance functions and standards.

All of the items below are "musts" unless they say to follow them "where reasonable." Even in circumstances where adhering to a standard is not "reasonable," organizations usually must create an alternative way of addressing the matter. In any case, they must document their reasoning for non-compliance.

The services at Patriotmedbill are designed to ensure HIPAA compliance in the following ways:

  • Every employee at Patriotmedbill enters into a confidentiality agreement, the terms of which state that they agree not to use, publish, or disclose, or permit others to use, any confidential information they may come in contact with.
  • Violation of this agreement warrants termination and legal action.
  • Access cards and biometric access screening control entry of employees into the facility. Our facility is manned 24x7, and unauthorized intrusion is practically impossible.
  • Access to critical areas such as the server room is restricted, and only authorized personnel have entry rights to these sensitive areas.
  • Full Internet/email access is provided only to authorized personnel. Access to computer systems is restricted by logins and passwords, which are unique to every employee.
  • Completely paperless environment, mainly for security and, as a consequence, a "Go-Green" initiative as well.
  • Connection to the clients' servers is through secure site-to-site VPN tunnels with 128-bit encryption.
  • A dedicated Compliance Officer ensures compliance management processes, which are updated regularly and stringently adhered to.