The Health Insurance Portability and Accountability Act (HIPAA), which provides data privacy and security provisions for safeguarding medical information, can be just as confusing as it is important. Between the law’s Privacy Rule, Security Rule, Omnibus Rule, Breach Notification Rule and Enforcement Rule, compliance is multitiered and ever-evolving.
In 2018, the Office for Civil Rights received $28,683,400 in financial penalties — a record-breaking year in terms of the total penalty amounts paid. Last year also saw the largest-ever HIPAA settlement, totaling $16,000,000, when the protected health information (PHI) of 78,800,000 plan members was stolen by hackers.
Breaches of protected health information can be devastating to a healthcare facility and its patients. That’s why the U.S. Department of Health and Human Services (HHS) regularly posts answers to FAQs submitted by individuals responsible for protecting patient data.
Common FAQs cover subjects such as covered entities, authorizations, disclosures to law enforcement, disclosures to family and friends, FERPA, health information technology, and smaller providers and businesses.
Since there are hundreds of FAQs on HHS’ website (you can find the full list of FAQs here), we put together this quiz with a dozen FAQs we feel healthcare providers must know in order to effectively protect patient information.
To stay up to date on the HIPAA Privacy and Security Rules, you can subscribe to HHS’ newsletters here.
Good luck!