The U.S. Department of Health and Human Services (HHS) provides several web based tools to help providers understand and navigate HIPAA and its requirements. Below are summary excerpts from HHS that explain what HIPAA is and whether you, as a provider, fall under its umbrella.
The Standards for Privacy of Individually Identifiable Health Information (“Privacy Rule”) establishes, for the first time, a set of national standards for the protection of certain health information. The U.S. Department of Health and Human Services (“HHS”) issued the Privacy Rule to implement the requirement of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). The Privacy Rule standards address the use and disclosure of individuals’ health information—called “protected health information” – by organizations subject to the Privacy Rule — called “covered entities,” as well as standards for individuals’ privacy rights to understand and control how their health information is used. Within HHS, the Office for Civil Rights (“OCR”) has responsibility for implementing and enforcing the Privacy Rule with respect to voluntary compliance activities and civil money penalties.
A major goal of the Privacy Rule is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public’s health and well-being. The Rule strikes a balance that permits important uses of information, while protecting the privacy of people who seek care and healing. Given that the health care marketplace is diverse, the Rule is designed to be flexible and comprehensive to cover the variety of uses and disclosures that need to be addressed.
Every health care provider, regardless of the size of their clinical practice, who electronically transmits health information in connection with certain transactions, is a covered entity. These transactions include claims, benefit eligibility inquiries, referral authorization requests, or other transactions for which HHS has established standards under the HIPAA Transactions Rule. Using electronic technology, such as email, does not mean a health care provider is a covered entity; the transmission must be in connection with a standard transaction. The Privacy Rule covers a health care provider whether it electronically transmits these transactions directly or uses a billing service or other third party to do so on its behalf. Health care providers include all “providers of services” (e.g., institutional providers such as hospitals) and “providers of medical or health services” (e.g., non-institutional providers such as physicians, dentists and other practitioners) as defined by Medicare, and any other person or organization that furnishes, bills, or is paid for health care.
HHS: Summary of the HIPAA Privacy Rule
Take a post-test and get CME credits
Please log in to access OBGFirst and the 2T Ultrasound Atlas
OBG Project CME requires a modern web browser (Internet Explorer 10+, Mozilla Firefox, Apple Safari, Google Chrome, Microsoft Edge). Certain educational activities may require additional software to view multimedia, presentation, or printable versions of their content. These activities will be marked as such and will provide links to the required software. That software may be: Adobe Flash, Apple QuickTime, Adobe Acrobat, Microsoft PowerPoint, Windows Media Player, or Real Networks Real One Player.
This educational activity may contain discussion of published and/or investigational uses of agents that are not indicated by the FDA. The planners of this activity do not recommend the use of any agent outside of the labeled indications.
The opinions expressed in the educational activity are those of the faculty and do not necessarily represent the views of the planners. Please refer to the official prescribing information for each product for discussion of approved indications, contraindications, and warnings.
Participants have an implied responsibility to use the newly acquired information to enhance patient outcomes and their own professional development. The information
presented in this activity is not meant to serve as a guideline for patient management. Any procedures, medications, or other courses of diagnosis or treatment discussed or suggested in this activity should not be used by clinicians without evaluation of their patient’s conditions and possible contraindications and/or dangers in use, review of any applicable manufacturer’s product information, and comparison with recommendations of other authorities.
Jointly provided by
