HIPAA Security


What is HIPAA?

HIPAA is a federal statute that made sweeping changes to healthcare laws. Although it was enacted in 1996, it wasn’t fully implemented until 2003. Since then, additional laws have been passed that modified regulations and added enforcement provisions.

HIPAA’s primary purpose was to help workers continue health insurance coverage when they change jobs or become unemployed. It also included another section, called Administration Simplification (AS), which is the part that has substantially impacted the medical transcription profession. The AS section of HIPAA gives patients greater control of (and access to) their own medical records and how their personal health information is used.

That form you now sign every time you visit a new health provider confirming that they’ve given you a copy of their patient privacy policy comes from this section.

It also includes the Privacy Rule and the Security Rule, which together regulate how particular members of the healthcare industry must manage individual health information. You can think of it as the who, what, how, and “or else” of protecting personal health information.

The Privacy Rule applies to all PHI (protected health information), including paper and electronic. The Security Rule deals specifically with standards for the security of electronic protected health information (e-PHI). It defines administrative, physical, and technical safeguards that must be employed.

It is essential that healthcare providers partner with HIPAA-compliant companies like MTSOA to safeguard PHI.

Why is HIPAA important?

Because patients need to know that what they say to their healthcare provider is private, that they can trust them not to pass on information or let anyone else see their records without consent. HIPAA gives you rights over your health information and sets rules and limits on who can look at and receive your health information.

What information is protected?

Under HIPAA, the following patient information is protected:

  • Name, address, birth date, and social security number

  • Care provided

  • Physical and mental health conditions

  • Payment information

For more information, refer to MTSOA’s Privacy Policy.