The Health Insurance Portability and Accountability Act (HIPAA) Title II was enacted in 1996 by the US Congress and contains two rules: the Privacy Rule and the Security Rule. The HIPAA Privacy Rule protects personal health information held by covered entities and gives patients an array of rights with respect to their information, while the Security Rule specifies a series of administrative, physical, and technical safeguards that give broad guidelines to assure the confidentiality, integrity, and availability of electronic protected health information. Under HIPAA, the Department of Health and Human Services (HHS) is required to establish national standards for electronic health care transactions and national identifiers not only for providers but also for health plans and employers, to protect individually identifiable health information.
If a health center fails to cooperate, it faces fines of $50,000 (minimum) a day, with an annual maximum of $1,500,000 for the same violations.
OKPCA provides HIPAA Technical Assistance through:
- Evaluation of HIPAA Policies and Procedures
- Conducting a basic Risk Assessment
- Coordinated training on HIPAA standards and guidelines
For more information, including pricing structure, please contact OKPCA.
OIG and HRSA Audit
Breaches Affecting 500 or More Individuals
Department of Health and Human Services
HHS HIPAA Audit Program Protocol
OCR Risk Analysis Guidance
Office for Civil Rights