Review of HIPAA, Part 2: Limitations, Rights, Violations, and Role for the Imaging Technologist.

This article is the second part of a continuing education series reviewing the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The term HIPAA should be familiar to those who work in the medical profession, but this article includes details on its rules, patients' rights, violations, breaches, and penalties. To help administer these safeguards, HIPAA requires that every organization designate a HIPAA privacy and security officer. HIPAA violations can have serious repercussions when rules are not followed; these violations can be either negligent or willful. If breaches of unsecured protected health information occur, HIPAA requires covered entities to notify affected individuals, the Secretary of Health and Human Services, and in some cases the media. Violations in which the covered entity did not know of the violation are now punishable under the first tier of penalties. Unintended violations carry a minimum penalty of $100 per violation and a maximum of $50,000 per violation. All patients have a right to privacy and a right to confidential use of their medical records. The role of medical professionals includes understanding how and when to apply these HIPAA rules verbally and electronically.

Review of HIPAA, Part 1: History, Protected Health Information, and Privacy and Security Rules.

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 has made an impact on the operation of health-care organizations. HIPAA includes 5 titles, and its regulations are complex. Many are familiar with the HIPAA aspects that address protection of the privacy and security of patients' medical records. There are new rules to HIPAA that address the implementation of electronic medical records. HIPAA provides rules for protected health information (PHI) and what should be protected and secured. The privacy rule regulates the use and disclosure of PHI and sets standards that an entity working with health data must follow to protect patients' private medical information. The HIPAA security rule complements the privacy rule and requires entities to implement physical, technical, and administrative safeguards to protect the privacy of PHI. This article-part 1 of a 2-part series-is a refresher on HIPAA, its history, its rules, its implications, and the role that imaging professionals play.