10/12/2011

Health Insurance Portabilit and Accountabilit Act (HIPAA) Home

HIPAA at DSHS

Topics on this page:

Covered Entities Provisions EDI Privac Securit NPI Penalties

What is HIPAA?
HIPAA is the acronym of the Health Insurance Portability and Accountability Act of 1996. The main purpose of this federal statute was to help consumers maintain their insurance coverage, but it also includes a separate set of provisions called Administrative Simplification. This section of the act is aimed at improving the efficiency and effectiveness of the health care system. The key components of Administrative Simplification include: Standardized electronic transmission of common administrative and financial transactions (such as billing and payments) Unique health identifiers for individuals, employers, health plans, and heath care providers Privacy and security standards to protect the confidentiality and integrity of individually identifiable health information Top

Covered Entities The HIPAA regulations appl to:

Health Plans Health Care Clearinghouses (Entities that facilitate electronic transactions by "translating" data between health plans and providers when they use non-compatible information systems.) Health Care Providers who transmit health information in electronic form in connection with one or more of the eight covered transactions. Business associates of a covered entity are not directly controlled by the regulations, but mandatory contracts require them to protect the privacy of individually identifiable information. Government agencies specifically named in the regulations are covered entities, as are agencies that function as a health plan or a health care provider. Top

Provisions
Electronic Data Interchange (EDI) Transaction Standards Code Sets Privacy Security National Standard Identifiers Provider Employer Health Plan Top

.dshs.state.t .us/hipaa/default.shtm

1/3

10/12/2011

Health Insurance Portabilit and Accountabilit Act (HIPAA) Home

Electronic Data Interchange ( EDI )

T C O Transaction Code Set Standards . T 16, 2003. S . EDI

T ( ASC X12 270 271 276 277 278 820 834 835 837 T = = = = = = = = =

) 4010 E I C C A H B R C S I R S S I E /P E R I I R P R .T

.T :

ANSI

A P

HIPAA C

. HIPAA D P S A HIPAA HIPAA T . /D - ICD 9 - CPT 4, CDT - HCPCS C D -H L S

(HL7)

Privac
T . HIPAA P . T A 14, 2003.

Securit
T (PHI). HIPAA ( T ( -PHI). T : Administrative safeguards .T ' Ph sical safeguards
.dshs.state.t .us/hipaa/default.shtm 2/3

A A 20, 2006).

21, 2005

, / . ,

10/12/2011

Health Insurance Portabilit and Accountabilit Act (HIPAA) Home

within buildings, floors, departments, offices, and desks. These safeguards include doors, locks, badge access, location of workstations (obscured from public view), and media controls (e.g. location of back-up tapes). Technical afeg a d include limiting electronic information access to particular users or user groups, including different levels of software access rights, and tracking access through audit controls. T

National Provider Identifiers (NPI)

These regulations establish the standard unique health identifier for health care providers to simplif administrative processes, such as referrals and billing, to improve accurac of data, and reduce costs. The Final Rule was published Januar 23, 2004. Health Care providers began appl ing for NPIs on the effective date of the final rule, which was Ma 23, 2005. All health care providers are eligible to be assigned NPIs; health care providers who are covered entities must obtain and use NPIs. All HIPAA covered entities must use NPIs b the compliance dates: Ma 23, 2007 for all but small health plans. Ma 23, 2008 for small health plans. T

Penalties for Failure to Compl with HIPAA

The legislation carries heav civil and criminal penalties for failure to compl .US DHHS Office for Civil Rights will enforce civil penalties that ma include penalties from $100 per violation to $25,000 per calendar ear.US Department of Justice will enforce criminal penalties which ma include up to 10 ears imprisonment and a $250,000 fine. T
La pda ed No embe 10, 2010

.dshs.state.t .us/hipaa/default.shtm

3/3