Clearing up the Confusion: A Multi-Part HIPAA Series
Last week while attending a conference I was asked about my responsibilities as a Compliance Specialist Manager.Â I briefly provided an overview, and discussed how keeping up-to-date with rules and regulations in healthcare are some of my most taxing responsibilities. Then, someone quickly responded to me saying: â€śYou are one of those abbreviation guys â€" responsible for keeping up with all the abbreviations in healthcare! Arenâ€™t you?!?â€ť
I responded in the affirmative. In many ways, her remark is true. In the world of healthcare compliance, abbreviations are similar to a bowl of proverbial alphabet soup â€" constantly keeping track of them becomes a daily chore.
Of all the abbreviations, perhaps there isnâ€™t one more important (or at least more prevalent today) than HIPAA. This conversation prompted me to address what many administrators, providers, and business associates sometimes mistake when they think of this Act. In Part 1 of this series, we will provide a brief overview of HIPAA.
Part 1 â€" HIPAA vs â€śHIPPAâ€ť
HIPAA is the abbreviation for the Health Insurance Portability and Accountability Act of 1996.
The goals of HIPAA include:
- Information efficiency by creating a simpler more standardized system
- Reduction of paper claims
- A reduction of errors through safe and universally accepted electronic transactions
- Lowered health care costs
- Privacy and security in the US health care industry
HIPAA provided the framework for the evolution of HIPAA rules including the HIPAA Privacy Rule and the HIPAA Security Rule. The HIPAA Security Rule and the HIPAA Privacy Rule are two distinct rules.
- The Privacy Rule covers the policies and procedures that must be in place to ensure that the patientâ€™s health information is protected and their rights are upheld.
- The Security Standard accompanies the Privacy Rule. In order to protect the health information security entities will be expected to have security safeguards in place.
â€śHIPAAâ€ť is often misspelled â€śHIPPAâ€ť
At one point or another, many of us have accidentally mis-typed HIPAA as â€śHIPAAâ€ť. Maybe subconsciously, we relate the term to the infamous hippopotamus which many of us call a â€śhippoâ€ť and this has played a role in our misspelling. Whatever the reasoning, today, I am going to argue in defense of this misspelling.
Being â€śone of those abbreviations guysâ€ť I thought it would be fun to look at what â€śHIPPAâ€ť as an abbreviation could represent:
In HIPAA the â€śHâ€ť represents â€śHealth.â€ť Â This also works for our new HIPPA abbreviation since this act is providing protection within healthcare; however, it could also represent Human. Sometimes, for healthcare professionals, we forget that the Privacy Rule gives you (â€śhumanâ€ť) rights over your health information and sets rules and limits on who can look at and receive your health information.
Our new â€śIâ€ť could easily stand for â€śInformationâ€ť as in â€śHealth Information.â€ť Â With the privacy rule covering policies and procedures that must be in place to ensure that patient health information is protected, â€śinformationâ€ť makes a whole lot of sense.
As mentioned above the â€śPâ€ť in HIPAA is for â€śPortability.â€ť Â In HIPPA, â€śPortabilityâ€ť also makes sense. Would it also make sense for the â€śPâ€ť to stand for â€śPatient?â€ť
At this point you can probably see where this is going.
For the purposes of this section, the second â€śPâ€ť will represent â€śPrivacy.â€ť
Finally, the â€śAâ€ť could easily stand for â€śAmendmentâ€ť or â€śAnnouncement,â€ť especially given the many changes, interpretations, and additions made to the HIPAA act over the past two decades. I think it is safe to say that we that these amendments and announcements are not going to end any time soon given the speed of technological innovations and changing pace of society.
What does it all mean?
As mentioned above, HIPAA provided the a framework for the evolution of HIPAAâ€™s two distinct and critical rules: the HIPAA Privacy Rule; and the HIPAA Security Rule. Our new acronym continues that evolution and defines a key aspect of this commonly misspelled act, which is the protection of sensitive patient healthcare information.
Next week, in part 2 of our article series, we will aim to clear up HIPAA Privacy Rule confusion, including a discussion about modifications provided by the HIPAA/HITECH Act and Omnibus Final Rule.
If you have any questions or concerns about HIPAA, please feel free to comment below, send us an email at [email protected], or reach us toll-free at 855-427-0427.