Health Insurance Portability and Accountability Act of 1996

Privacy of health information is federally protected under HIPAA. The HIPAA statute included provisions that required the Department of Health and Human Services to create a Privacy Rule to establish “a foundation of federal protections for the privacy of protected health information” (www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/usesanddisclosuresfortpo.html). The Privacy Rule defines protected health information (PHI) as “individually identifiable health information, held or maintained by a covered entity or its business associates acting for the covered entity that is transmitted or maintained in any form or medium (including the individually identifiable health information of non-U.S. citizens)” (http://privacyruleandresearch.nih.gov/pr_07.asp). This includes identifiable demographic information such as the patient’s name, account number, and address; information about the past, present, or future medical condition of the patient; and associated payment and payer information that will identify that individual patient.

You should familiarize yourself with the provisions of HIPAA, especially those that protect the release, review, and return of PHI at the conclusion of an audit. It is important to understand that HIPAA is not meant to prevent audits, fraud risk assessments, or appropriately initiated fraud investigations. Instead, it is meant to increase accountability for inappropriate release or use of PHI. Further, it requires ...
