The Health Insurance Portability and Accountability Act, or HIPAA, which was enacted by the US Congress in 1996, has introduced sweeping changes in health care administration and information systems. HIPAA is a federal law that amended the Internal Revenue Code of 1986 and is intended to improve portability and continuity of health insurance; combat waste, fraud and abuse in health insurance and health care delivery; promote the use of medical savings accounts and improve access to long-term health care services and coverage; and simplify the administration of health insurance.

HIPAA is designed to standardize the way all health care organizations electronically exchange sensitive patient data and to protect patients from unauthorized disclosure of their medical records (whether paper or electronic). Under HIPAA, there are specific standards that all health care organizations are required to adhere to. These standards include an Administrative Simplification Title that is aimed at preventing health care fraud and abuse. Within this title, there are several laws and proposed standards, including Electronic Health Transactions Standards, Privacy & Confidentiality Standards, Unique Health Identifiers, and Security & Electronic Signature Standards.

These HIPAA laws and standards directly apply to the following groups of health care entities: health plans, public and private payers, health care insurers, HMOs, Medicare, Medicaid, group health plans, health care clearinghouses, any entity that facilitates the processing of non-standard formatted health information and must convert the non-standard data into standard transactions, or vice versa, health care providers, providers who transmit health information electronically, providers who receive individual health information, and providers who electronically maintain health information used in electronic transmissions between entities.

Non-compliance with HIPAA regulations may cause disruptions in an organization's day-to-day business processes, resulting in both tangible and intangible costs. The most serious implications of HIPAA non-compliance for health care organizations include the inability to effectively conduct electronic business and the potential loss of significant segments of business. The government also imposes some sanctions on those who fail to comply with the regulations of HIPAA. The penalty for failure to comply with the regulations goes up to $100 per violation per person, up to a maximum of $25,000 per year.