Hipaa

Running head HIPAA COMPLIANCE: 1
HIPAA Compliance
Name
Institution Affiliation
Introduction
HIPAA, originally known as the Kennedy-Kassebaum Bill, is a set of rules that became
law in 1996. Its main aim is to help people carry health insurance from one company to
another and to streamline the transfer of medical records from one health care institution to the next.
Moreover, HIPAA established a system to recognize and enforce the rights of patients to the
privacy of their medical files. It is a series of regulations that require health care
organizations to invest money and time in preparing for strict compliance. Although this can be
an arduous and lengthy effort for those in the healthcare industry, for patients it creates a sense of
security.
HIPAA Compliance
The Health Insurance Portability and Accountability Act (HIPAA) is a body based in the
United States of America that is responsible for safeguarding and protecting the medical
information of clients. The organization started on the 21st of August in the year 1996. It was
made into law to help working-class people who moved from job to job secure their medical
insurance cover with ease.
Apart from its primary purpose of providing insurance cover for people who shift jobs,
HIPAA also performs other functions, which include the following. It acts as a
confidant on behalf of the client by safeguarding the health information that the patient
needs to be kept confidential (Gostin L, 2009). This ensures that nobody has any knowledge
whatsoever about a patient's medical history. It also assists in reducing the costs of accessing
healthcare by allowing medical and financial transactions to be carried out through electronic
transmission as opposed to tedious and time-consuming manual work with paper.
HIPAA also provides a platform on which clients can forward their grievances and
complaints to the appropriate authorities to receive better services in the future (Gostin L, 2009).
Several concepts of security and privacy guide the regulation of health information. They are:
Boundaries- A 'line' should be drawn and not overstepped, so that the personal medical
records of a patient are used only for medical purposes, which include delivering appropriate care
to the patient and paying for healthcare services, the latter guaranteeing health insurers
access to such information. Other than that, the health records of patients should remain
confidential.
Security- Those responsible for the safekeeping of clients' health records should do everything
within their power to ensure that the files are accessible only for follow-up of the patients' health
or any other medical reason that genuinely warrants access to them (Greene, A. H., 2012).
Consumer control- The client has the utmost control of his/her medical records. They
have the right to know and authorize those who have access to their medical records and what
is contained in them (Greene, A. H., 2012). They also hold the right to change their health records if
they detect a problem, especially if it comes to their knowledge that some of the information
documented in their records is wrong or is no longer relevant.
Accountability- If the people responsible for handling the health records of patients, such
as doctors and health insurers, misuse their power and use a patient's information for the wrong
purpose, they should be held accountable for their actions. They should be punished under the
laws of the legislation.
Public responsibility- Some instances require that medical records be known for the sake
of the public's safety (Gostin L, 2009). For example, patients suffering from highly contagious
illnesses such as cholera and tuberculosis should get advice on how to handle themselves to
minimize their chances of spreading the disease to others. For such follow-up to be done, the
medical records of such patients need to be accessible.
When it comes to complying with the HIPAA guidelines, there are both physical and
technical safeguards that must be put in place to ensure the maximum security and privacy of
clients' health records. Physical safeguards focus primarily on physical access to the medical
records under protection, technical safeguards concentrate on the safety of the customer's
data, and administrative safeguards focus on the policies and procedures of the legislation
(Greene, A. H., 2012).
Physical safeguards are divided into three standards. The first is facility access control: only
personnel authorized by the appropriate bodies should have access to the facilities where the
health records are stored for safekeeping. This particular safeguard has four implementation
specifications, which are as follows. Contingency operations make sure that, in case of an
emergency, authorized people can gain access to the patient's medical records. The facility
security plan ensures that the facility in which the protected medical records are kept is safe
and secure from unauthorized access, tampering, and theft. This can be done by always
locking the facility or hiring security to watch over it (Gostin L, 2009). Access control
and validation procedures ensure that only authorized personnel have access to the medical
records and that they access the records solely for medical purposes and according to
their role in the organization.
Workstation use is another physical safeguard used to ensure the safekeeping of
protected records. According to the health department, a workstation is any electronic device that
can be used to gain access to the medical records (Gostin L, 2009). The purpose of each
workstation should be defined: whether it serves a few purposes, such as checking patients' conditions,
or has many functions, and whether access to protected records is one of them.
Workstation security is the other physical safeguard, but unlike workstation use, it
focuses on how the workstations are physically protected from unauthorized users. The
final protection is device and media controls. This is concerned with the removal of workstation
devices from the facility, and also their movement within the same facility (Greene, A. H., 2012).
The technical safeguards are the measures taken to ensure that the protected medical
records stored in electronic devices are safe from unauthorized personnel. Access and audit
control- This is done through check control, where facilities responsible for the safekeeping of the
protected health records implement hardware and software procedural mechanisms that monitor
the activity of the information systems.
Authentication and integrity- These policies are meant to ensure that the health records stored
in electronic devices are not altered or destroyed in any way. Such controls can be designed by
understanding how outside interference can compromise the integrity and authenticity of the information
(Greene, A. H., 2012).
Failure to comply with the HIPAA regulations leads to fines and penalties. The
penalties largely depend on the level of negligence and are usually between $100 and $50,000 per
violation. The maximum penalty can go all the way up to $1.5 million. The greater the neglect
of the regulations, the higher the fine. The HIPAA violations and penalties are
divided into civil and criminal. Different violations carry different penalty amounts. For
example, if the HIPAA violation is due to a reasonable cause and not due to willful neglect, the
fine is usually $1,000-$50,000. If the violation is due to neglect but is corrected within the right
amount of time, the penalty is usually $10,000-$50,000. When the violation is due to neglect and
is not corrected at all, the penalty is not less than $50,000 (Gostin L, 2009).
The criminal penalties include the following. If the violation is committed unknowingly, or due to reasonable
cause, the penalty is one year in prison. In instances where the violation is due to pretense, the
penalty is up to five years in jail, and if it is committed knowingly for personal gain or for wrong,
malicious reasons, the penalty is up to ten years in prison.
Reference list
Greene, A. H. (2012). HIPAA compliance for clinician texting. Journal of AHIMA, 83(4), 34-36.
Gostin, L. O., Levit, L. A., & Nass, S. J. (Eds.). (2009). Beyond the HIPAA privacy rule:
enhancing privacy, improving health through research. National Academies Press.
