HIPAA - Health Insurance Portability And Accountability Act Of 1996

What does it mean?

• Addresses the security and privacy of health data
• Requires health care organizations to "maintain reasonable and appropriate, technical, and physical safeguards to prevent intentional or unintentional use or disclosure of protected health information"
• Applies to health information (such as medical records) held or disclosed in any form

Who is affected?

Any organization with access to patient information, such as:

• Clinics and hospitals
• Pharmacies
• Pharmaceutical companies
• Healthcare clearinghouses
• Doctors and nurses
• Insurance companies
• Business associates of covered entities

What is the impact? (penalties and fines)

• Complaints lead to compliance review and report
• Noncriminal violation (including disclosures made in error):
  Fines of $100 - $50,000 per violation and up to $25,000 - $1.5 million per year, for similar violations
• Potential criminal penalties:
  • Wrongful disclosure: $50,000 fine, 1 year in prison, or both
  • Offense under false pretenses: $100,000 fine, 5 years in prison, or both
  • Offense with intent to sell information: $250,000 fine, 10 years in prison, or both

How to reach compliance?

• Implement polices and procedures related to accessing information to ensure protected health information is properly secured and not disclosed
• Maintain Business Associate Agreements with outside suppliers who have access to protected health information
• Keep documentation in accordance with your internal document retention policy

Contact Us and a Cintas Document Management expert will do a no-obligation evaluation of your healthcare facility's information management needs.