The Health Insurance Portability and Accountability Act (HIPAA) has been viewed as a thorn in the side of many hospital administrators as they work to protect the privacy of patient information. But along with its challenges, it offers many benefits for both organizations and patients.
HIPAA, enacted in 1996, is meant to protect the privacy of health information, provide security of electronic records, simplify administration and ensure insurance portability. Quizlet gives a brief snapshot of how HIPAA achieves these goals:
- Detailed procedures for handling personal health information
- Regulations that ensure confidential records are kept private
- Common medical transactions and codes nationwide
- Health insurance access, portability and renewability by providing continuous coverage when people change or lose jobs
- Requirements for healthcare organizations to provide physical, technical and administrative safeguards
Compliance Is Daunting
Even though HIPAA has been law since 1996, statistics compiled by the Office of Civil Rights, a department within the U.S. Department of Health and Human Services, shows healthcare administrators struggle with compliance.
OnPage Corporation, in a 2017 survey on compliant status, rated over 100 healthcare institutions on their compliance efforts. The results were startling, with "inadequate or worse" compliance indicated in the following categories: 89% on providing patients a right of access or copy of their personal health information; 65% on providing a Notice of Privacy; 67% on notifying individuals that there has been a breach; 83% on performing an information security risk analysis; and 94% on establishing or maintaining an information security risk management plan.
Statistics from the Identity Theft Center, as reported by Health Tech Zone, paint an even bleaker picture: Over 80 healthcare security breaches occurred in the first three months of 2017, "exposing information from more than 745,000 patients. Nearly 60 percent of the reported breaches happened at a healthcare organization."
Administrators Must Rise to Meet the Challenges
Several issues relating to HIPAA must be addressed as the healthcare system seeks to become more efficient, the law firm Brown & Fortunato asserts. Foremost, privacy laws that require each client and patient to give permission for a provider to share information hamper patient care because providers cannot freely share information. "Without being able to share patient information between providers, it takes more time to obtain critical information that can affect patient care," the law firm states.
Second, legal costs for violating HIPAA provisions make many organizations reluctant to share patient information.
Third, healthcare organizations need to provide training and certification for employees on the provisions of the law. Brown & Fortunato advise the organizations to hire consultants to ensure the provisions are being met.
Security standards for protecting patient information may seem onerous, but healthcare organizations are reaping benefits from implementing HIPAA rules and procedures. All Covered shares a few:
- Offers a guideline for the correct way to handle information to protect both patient privacy and to create a "human firewall" against hackers
- Helps staff realize that protecting patients' personal health information is as important as infection control and medication safety measures
- Reduces executive and organization liability, and protects the staff from personal liability if training is conducted, as required by law
All Covered suggests HIPAA compliance also "reduces medical errors, increases patient satisfaction and trust, improves quality of care and creates operational efficiencies."
HIPAA is just one of the many issues bringing both challenges and opportunities to the healthcare system. It will take savvy administrators to navigate the twisting paths of politics, increased costs and ethical challenges.
Healthcare professionals looking to enter upper-level and executive positions in this rapidly changing industry should consider an advanced degree such as the Barry University MBA in Health Services Administration.
The AACSB International-accredited program provides the right balance of the social, legal and ethical aspects of healthcare with many common business practices, including managerial finance, marketing and accounting. The online program is perfect for working professionals eager to advance their careers and can be completed in 12 months.
Learn more about Barry University's online MBA in Health Services Administration program.
Have a question or concern about this article? Please contact us.