
June 18, 2019

Everything You Need to Know About HIPAA

HIPAA is the Health Insurance Portability and Accountability Act of 1996, which is a law that was designed to keep the medical information of patients safe. HIPAA has the greatest impact in the workplace and compliance is not just essential, but also mandatory. All businesses are required to implement operating procedures to safeguard physical and electronic health records in order to satisfy the law.

What Information is Protected

Complying with various laws can be difficult for human resource professionals because some requirements are complex. For instance, while HIPAA protects health plan and medical records that are part of a health plan sponsored by the employer, it doesn’t necessarily protect general employment records that might contain information related to an employee’s health. The United States Department of Health & Human Services has clear guidelines on privacy rules that must be followed explicitly.

Ensuring Employees are Informed

Simply having a policy concerning the privacy of employee health information is insufficient. That policy must be communicated on a regular basis and enforced at all times. One of the ways that employers ensure compliance is by providing regular training. It’s a way to confirm that everyone understands what’s expected and follows procedures accordingly.

In addition to training, employees are usually required to certify that they have received training and understand HIPAA requirements. It’s a great way to eliminate any confusion. For instance, a supervisor will know that it’s acceptable to ask for a doctor’s note when an employee calls in sick. However, they will also know that medical information cannot be obtained directly from the employee’s doctor.

Choosing a Privacy and Security Officer

Given the importance of ensuring HIPAA laws are followed, employers are required to assign an employee to the role of Privacy and Security Officer. The person who takes on this role is responsible for ensuring employee medical information is protected. The Privacy and Security Officer is usually someone who works in the human resources department and has a keen understanding of HIPAA requirements. The person assigned to the role usually works closely with the IT department to make sure records are secure.

In addition to managing compliance requirements, the Privacy and Security Officer must ensure policies and procedures for complying with HIPAA regulations are in writing. These written policies and procedures must provide guidance concerning medical records in the event of a natural disaster, such as a flood or hurricane. The Privacy and Security Officer must also maintain updated knowledge of HIPAA regulations since the rules change periodically. HIPAA changes usually take place on the first day of the year. Once changes occur, all employees are required to receive new training that covers any new HIPAA requirements.
