Health Insurance Portability and Accountability Term Paper

Download this Term Paper in word format (.doc)

Note: Sample below may appear distorted but all corresponding word document files contain proper formatting

Excerpt from Term Paper:

d.) the variations HIPAA necessitates would be sufficient and the changes would be accompanied by remarkable uneasiness in several respects. Functioning in the type of high-security setting visualized by the proposed HIPAA security regulations would imply functioning under regular surveillance and with concentration to making medical record information as being secure. Whether in relation to paper or electronic form, information relating to medical record could not be any longer be left unprotected, wherein a normal observer, a thief or a snoop, could have reach to it. ("History: HIPAA General Information. Health Insurance Portability and Accountability Act," n.d.)

The Health Insurance Portability and Accountability Act -- HIPAA indicate to be one of the most confronting functional initiatives most radiologists would confront in their careers. The anticipations of HIPAA are very large and the results of failure to agree continue beyond the related financial penalties. Not similar to the fraud and abuse compliance programs, that are considered to be voluntary, HIPAA is compulsory for groups utilizing electronic data transmissions, having stringent time stipulations and penalties for non-consonance. But HIPAA is most of the time vague, basically because the controls were being written for such a broad arena of health care such as insurance firms and the big health care systems within the country to the small medical or the dental practices. Attaining the required amount of cultural variations is prone to be HIPAA's largest challenge as about 200 new policies and practices are initiated and a new mode of thinking about work is required. For such practices which have not yet started working with regard to their compliance plans, the weeks as well as months forward would be tense and taxing to staff morale. Groups which have started functioning with regard to their compliance plans have revealed their frustration that go together with solving one problem only to find three more in the process. The initiation of the Privacy Standards continues to be particularly challenging, because they identify the first initiation to the new world of HIPPA and they are complicated, not suited well to radiology functions, and would be problematic for the staff to recollect. (Kroken, 2002) significant element of HIPAA, the security norms, strive to safeguard the safety of health information in digital form, in contrast to the privacy standards, that is applicable to PHI in all kinds -- electronic, oral and written. The security norms adopt national standards for protection to safeguard the secrecy, integrity and accessibility of digital PHI. The ultimate norms were brought out on February 20, 2003. Security is chalked out to deal with protections and set minimum, uniform standard levels for digital concerns such as authorization of accessibility, data backup and storage; catastrophe revival strategies; encryption and decryption; capability safety strategies; emergency functions; maintaining records; safety recollections; managing password; personnel security; termination processes, and safe forms of disposal. (Schoppmann www.sciencedirect.com/science?_ob=ArticleURL&_udi=B7CWD-4DDNR0X-8&_user=5715998&_coverDate=10%2F01%2F2004&_rdoc=1&_fmt=&_orig=search&_sort=d&view=c&_acct=C000068197&_version=1&_urlVersion=0&_userid=5715998&md5=537f150d0b174e0e135401492463e356;Sanders, 2004)

In this manner the liability that physicians have to safeguard their patients from damage gives rise to the liability to safeguard patient secrecy and information. The change from paper and film oriented medical records towards electronic ones brings about supplementary challenges and liabilities to the healthcare providers. The radiologists make participation in this responsibility to safeguard patient privacy and the safety of patient information, particularly in acquiring, storage as well as delivery of medical images and associated reports. It is pertinent for radiologists to meticulously record their privacy and security policies and make this information known to their patients. The liability to safeguard patient secrecy and to make patient data secure from loss or corruption is an important necessity for the providing of medical care by a radiologist. ("Practice Guideline for Electronic Medical Information Privacy and Security," 2004)

The conformity of the HIPAA security norms initiates then, with a survey and evaluation of risk, utilizing the standards and specifications relating to the security standards as being the guide. The decision making need to be reinforced by means of probable responsibilities, results, practice size and resources, technical capacity and the expenses of executing the probable security remedies. (Schoppmann www.sciencedirect.com/science?_ob=ArticleURL&_udi=B7CWD-4DDNR0X-8&_user=5715998&_coverDate=10%2F01%2F2004&_rdoc=1&_fmt=&_orig=search&_sort=d&view=c&_acct=C000068197&_version=1&_urlVersion=0&_userid=5715998&md5=537f150d0b174e0e135401492463e356;Sanders, 2004) to begin with, an accurate and present inventory of all systems that create, disseminate, store or processing of patient information is essential. but, only understanding what and where is not adequate. HIPAA conformity officers or their delegates are required to acquaint themselves with all arenas of the medium applied for storing medical records incorporating but definitely not confined to "(1) Internet Protocol -- IP Address as well as Domain Name System -- DNS name; (2) Operating system, version, as well as vulnerabilities; (3) Needed processes as well as their vulnerabilities; (4) Any un-required services processed on the computer, (5) Auditing or accessing abilities of each system is required to incorporate as to what an individual had made accessibility and who have was able to access a particular record; (6) All outside points of accessibility from the Internet like modems or edge routers; (7) Organizational levels that cater to a virtual private network -- VPN, and the security capacities of each; (8) Firewalls location in the architecture and security level capacities of each; (9) if the interference recognition is applied and what its abilities are (10) Wireless accessibility points and level of securities imposed; (11) Network policies and written system that are being enforced." ("Practice Guideline for Electronic Medical Information Privacy and Security," 2004)

Once finished, the inventory survey could be applied to conduct the risk analysis. Performing this exercise assists the HIPAA compliance officer make prioritization of the departmental procedure. A couple of crucial terms to remember are the comparative significance of the device, and the sensitivity of the data on it. An important device like a Radiology Information System -- RIS need to have high amount of fault tolerance. A scanner, alternatively, might have a large number of support systems; therefore the fear of loss might not be so grave. Contrary to this the lengths to that one is required to safeguard data is required to be something associated with the sensitivity of that data. A device which has only patient names as well as examination accessibility numbers, example, a procedure function list client is not as crucial to have compromised as that of a Hospital Information system -- HIS or Electronic Medical Record -- EMR that includes all data on a patient. ("Practice Guideline for Electronic Medical Information Privacy and Security," 2004)

Devices having high value of data need to be properly protected with regard to confidentiality, whereas those items which are crucial is required to be significantly fault lenient. As soon as the inventory is recognized and the liability is evaluated, an execution strategy making comparisons of the present state of equipment to that of the desired ultimate state is essential. The distinction between what is presently in place and what is required to term the 'gap'. The gap study strives to carry out the execution plan and the financial budget. To illustrate, a present teleradiology system might transmit images unencrypted through the Internet. HIPAA rules necessitates a system that could detect users, audit their activities, and safeguard the exams from view by unauthorized third persons. Hence a simple list to cater to this gap and create a budget would be (1) an up-gradation to the present level of operating system. (2) a tele-radiology which provides user auditing; (3) Hardware -- or software focused public important encryption. The other sub-sections utilize the present HIPAA rules to attain recommended policies as well as processes for compliance- thereby indicating the ultimate objective for analysis of the gap. ("Practice Guideline for Electronic Medical Information Privacy and Security," 2004)

The radiologists are hence to make certain the compliance with applied provisions of the Health Insurance Portability and Accountability Act of 1996 that associates processes dealing with the safeguard, usage and disclosure of Protected Health Information-PHI, record of displays, accessibility by individuals as well as third parties to PHI, safeguard of PHI by contractors, business associate agreements as well as training of employees. Radiologists in consonance with the Health Insurance Portability and Accountability Act of 1996 are to consider personal information securely as well as secretly. The radiologists are to confine accessibility to personal information to only such individuals who require recognizing that information to offer support services to clients. They have to be skilled with regard to the significance of protecting this information and are required to be in agreement with the processes and applicable laws. Radiologists have to cater to stringent physical, electronic as well as procedural safety norms to safeguard personal information and keep up internal systems to foster the integrity and accuracy relating to that information. ("HIPAA policy: Radiology Contractors," n. d.)

Practices relating to Radiology that have performed their job of implementing of the privacy norms would stay ahead of the security game since the privacy standards already necessitate that a covered entity have in place, "suitable technical, administrative and physical protections to safeguard the privacy relating to safeguarded health information." (Schoppmann www.sciencedirect.com/science?_ob=ArticleURL&_udi=B7CWD-4DDNR0X-8&_user=5715998&_coverDate=10%2F01%2F2004&_rdoc=1&_fmt=&_orig=search&_sort=d&view=c&_acct=C000068197&_version=1&_urlVersion=0&_userid=5715998&md5=537f150d0b174e0e135401492463e356;Sanders, 2004) Majority of…[continue]

Cite This Term Paper:

"Health Insurance Portability And Accountability" (2007, October 02) Retrieved December 8, 2016, from http://www.paperdue.com/essay/health-insurance-portability-and-accountability-35423

"Health Insurance Portability And Accountability" 02 October 2007. Web.8 December. 2016. <http://www.paperdue.com/essay/health-insurance-portability-and-accountability-35423>

"Health Insurance Portability And Accountability", 02 October 2007, Accessed.8 December. 2016, http://www.paperdue.com/essay/health-insurance-portability-and-accountability-35423

Other Documents Pertaining To This Topic

  • Health Insurance Portability and Accountability Act HIPAA

    Health Insurance Portability and Accountability Act (HIPAA) Discuss whether there has been a violation of Health Insurance Portability and Accountability Act (HIPAA)? There are no court rulings that can shed light on the issue. However going by the given facts, it is as follows: "Dr. Williams shows Joan's medical records to a friend for advice. His friend tells Dr. Williams to contact his medical malpractice insurance carrier." The problem here is if

  • Health Insurance Portability and Accountability Act HIPAA

    Health Information Portability Accounting Act (HIPAA, went into effect the first quarter of 2003. Indeed, HIPAA creates federally mandated requirements regarding protected health information (PHI) that can impact any employer, regardless of its size, location or industry. Government estimates place the price tag for compliance within the public and private sectors at an estimated $22 billion. While the Privacy Rules were not aimed at regulating non-medical employers, employers who sponsor

  • Health Insurance Portability and Accountability

    The dilemma is often easier to resolve once those emotions and assumptions are put into their rightful context. For this paper, critical thinking came into play was logic. It is understood that initially the nursing profession had issues with HIPAA. These issues were practical, however, and when the law was matched up against the underlying principles and the Code of Ethics, it became apparent that the guidelines that can be

  • Health Insurance Portability and Accountability Act

    High Insurance Portability Health Insurance Portability & Accountability Act Some hope was given for the current legal environment to become better defined for health-care providers when Health Insurance Portability & Accountability Act (HIPAA) was passed by the in 1996. As previously mentioned, HIPAA is a monumental act that attempts to address and incorporate all three issues-- privacy, confidentiality, and security within one law. When HIPAA was passed, many applauded the portability aspects

  • Health Insurance Portability and Accountability Act HIPAA

    Health Insurance Portability and Accountability Act (HIPAA) of 1996 provided for the better management of health information as well as increased health coverage for target entities. Of particular emphasis the law has is the privacy and security of health information. Prior to the implementation of HIPAA, there was an ad hoc management of health information and health coverage is very limited. Often disparate policies and standards are used from

  • HIPAA the Health Insurance Portability and Accountability Act of...

    HIPAA (the Health Insurance Portability and Accountability Act of 1996) and Recent Changes On August 21, 1996 a new law was signed called the Health Insurance Portability and Accounting Act of 1996, which is abbreviated as HIPPA (HEP-C, 2003 & Regence, 2003). The law guarantees many things to American workers, including continuous healthcare coverage for people who are changing jobs (DC, 2003). HIPPA also includes a provision that details the manner

  • Cobra Health Insurance Health Insurance How Cobra

    COBRA Health Insurance Health Insurance How COBRA Works Davis was terminated from his employment because of long absence from work and not because he voluntarily resigned or any gross negligence on his part. Therefore, he and his family are eligible for health insurance coverage under the Consolidated Omnibus Budget Reconciliation Act (COBRA) provided his company maintains its group health plan and still has 20 or more employees for which they currently have 100.


Read Full Term Paper
Copyright 2016 . All Rights Reserved