Health Insurance Portability and Accountability

Mills ME. Computer-based health care data and the Health Insurance Portability and Accountability Act Implications and informatics. Policy, Politics, and Nurs Prac 2.1 33-38, 2001. 

As of 2008, pharmacies and pharmacists need to use a National Provider Identifier (NPI). This number will be used by all covered providers and health plans in transactions related to administration and financial transactions under the Health Insurance Portability and Accountability Act (HIPAA). Specifically, pharmacists will need to use their NPIs when billing PDPs for MTM services. The NPI is a numeric 10-digit unique identifier for providers (CMS, 2007b). It is available to any health care professional simply by completing an online form available at https //nppes. cms.hhs.gov/NPPES/Welcome.do. 

Patient data collection is an extremely critical component of a value-added service. The information collected provides pharmacists with important baseline and monitoring parameters for patients. The amount and type of information needed from the patient or other health care providers may differ depending on the service, but nonetheless, this information is the foundation on which the other components of the service are built. Forms can be developed to help pharmacists collect this information (see Figs. 25-2 through 25-4). In addition, some consideration should be given to how this information will be stored (e.g., paper charts or electronic patient database). The information that should be collected from the patient includes demographic information, medical history, family history, and medication history. Since some of the information may need to be collected from other providers and health care institutions, an authorization to release medical information should be signed by the patient and kept as part of the chart (see Fig. 25-5). Lastly, pharmacists should ensure that their site is in compliance with the Health Insurance Portability and Accountability Act (HIPPA) and reinforce to their patients that the information they provide is confidential and secure at the pharmacy. 

The Health Insurance Portability and Accountability Act (HIPAA), which set standards for the privacy of individually identifiable health information, was signed into law in 1996 and went into effect in 2003. The Department of Health and Human Services (HHS) was required by Congress to promulgate the privacy stan-... 

Syndromic surveillance is a work in progress. There is a need for continued development of standardized signal detection methods and signal response protocols (Henning, 2004). Also, whereas reporting of patient information as part of traditional public health surveillance has been deemed exempt from the confidentiality guidelines in the Health Insurance Portability and Accountability Act of 1996 (HIPAA), how those guidelines may be applicable to syndromic surveillance systems remains unclear (Buehler, 2004). 

The European Union s Directive on Data Protection bars the movement of personal data to countries that do not have sufficient data privacy laws in place. Additionally, the US Health Insurance Portability and Accountability Act (HIPAA) sets national standards for the protection of health information, as applied to the three types of covered entities health plans, healthcare clearinghouses and healthcare providers who conduct certain healthcare transactions electronically. HHS OCR HIPAA Privacy (2003). This law was enacted in recognition of the fact that advances in... 

In the United States, federal legislation called the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to make patient information more strictly protected than before. Although most pharmaceutical companies have limited access to patient names and other health information, any patient information must be carefully guarded to avoid violation of HIPAA statutes, which address the use and disclosure of individuals medical information by covered entities , and set standards for individuals rights to control the use of their medical information. Violations can result in fines and/ or, in some instances, imprisonment. 

Health Insurance Portability and Accountability Act (HIPAA) http //www.hcfa.gov/medicaid/hipaa/adminsim/ privacy.htm, accessed June 24, 2002. 

Prince, L.H. Carroll-Barefield, A. Management implications of the health insurance portability and accountability act. Health Care Manager 2000, 19 (1), 44-49. 

In 1996, the DHHS passed the Health Insurance Portability and Accountability Act (HIPAA) to facilitate the sharing of information while protecting patient confidentiality (medical records) subsequently, associated privacy regulations were issued in 2000 (Privacy Rule). Amendments to the Privacy Rule were proposed on March 27, 2002, to address research-related situations, and become effective on April 14, 2003. In essence, the Privacy Rule is the governing law for the use and disclosure of individually identifiable protected health information (PHI) by covered entities, defined as health care providers, health plans, or health clearing houses. HIPAA-compliant consents that include elements specified in federal regulations (45 CFR 164.508) will have to be provided by covered entities that carry out the activities of health care payment, treatment, or operations (PTO). Clinical research-related uses and/or disclosures of PHI beyond PTO will require that a specifically defined authorization be obtained from a research subject. HIPAA-compliant authorizations will have to include the following core elements ... 

HIPAA is the acronym for the Health Insurance Portability and Accountability Act of 1996. HIPAA evolved as a result of the rapid evolution of health information systems technology as well as the challenges for maintaining the confidentiality of health information. HIPAA was introduced initially as the Kennedy-Kassebaum bill, an outgrowth of the Clinton administration s attempt to revamp the health care system. The result in HIPAA was an effort to streamline and standardize the health care system and to establish the privacy of subject information. The result of this effort was the issuance of the final HIPAA rules in August, 2002, which establish the requirements that prevent the disclosure of individually identifiable health information (Privacy Rule) (1) without authorization from the subject. An accidental posting of individuals health records and fraudulent use of medical records precipitated the passage of HIPAA. 

Health Industry Manufacturer s Association (devices) Health Insurance Portability and Accountability Act Indian Health Service Human immunodeficiency vims HIV-positive HIV-infected Human immunodeficiency vims type 1 Health Maintenance Organization... 

Indeed typically the strongest of a patient s concerns is vague and ill formed. As also discussed below, if the privacy of health-related information, such as the Protected Health Information (PHI) defined by the Health Insurance Portability and Accountability Act (HIPAA) enacted by the US Congress in 1996, is compromised, we could be talking about a bankruptcy of a financially healthy institution or a prosecution of senior executives of the institution. The biggest challenge with privacy compliance is limiting the use of personal information to the purposes stated at the time of collection. 

Modelers that use data from clinical studies should also be careful to respect informed consent and the privacy of the patient information they have access to. With the Health Insurance Portability and Accounting Act of 2003, which was designed to ensure privacy of patient information, inappropriate disclosure of patient information can now lead to criminal charges and fines. Modelers who are also pharmacokineticists directly involved in clinical studies have an obligation to use minimally invasive sampling methods, e.g., saliva vs. plasma, with a minimum number of samples collected from each subject. If blood must be collected then a minimum amount of blood should be removed to protect the safety of the subjects (Svensson, 1989). 

---