It’s common to believe that HIPAA compliance standards are really only applicable to doctors and medical staff. If you work a 9 to 5 during the business week and sit behind a desk at a corporation, why would laws about healthcare or health insurance apply to your day-to-day? Let’s take a look.
What is HIPAA?
The Health Insurance Portability & Accountability Act (HIPAA) was put into law in order to ensure that all medical information is kept confidential and used only for its intended, legitimate purpose.
Under HIPAA, this medical information is called PHI, or Protected Health Information. PHI includes patient medical conditions, procedures, payment and insurance details, or anything that can be used to personally identify the individual. Basically, it is anything that is related to a person’s health or healthcare history. It can even include things as simple as a voicemail appointment reminder.
As a rule of thumb, if the disclosure or use of PHI is not directly related to treatment, payment, or healthcare operations, the patient must give their written consent to the party wishing to access the information. This is true no matter where or how it is stored.
How does HIPAA apply to me at my job?
It is clear that hospitals and doctors collect patient information, but many outside that realm don’t realize that they also access PHI. Lawyers, accountants, managers, licensors, IT specialists, secretaries, data processors, storage facilitators, and many others have the possibility of being exposed to confidential medical details. These people are called “business associates,” a term that includes anyone who has access to unencrypted health data.
Knowing what HIPAA does and does not require can be confusing, but the key principles are simple. No matter where you work, the most important things to know are how to store, transmit, and dispose of PHI. There are specific requirements for these within HIPAA. If you don’t know, ask!
HIPAA is definitely not just for doctors and other medical staff; it was created to protect PHI for everyone. Anyone who has access to this kind of data must do all they can to keep that information appropriately confidential. From entry-level assistants to team leaders, if you ever handle confidential medical information in any capacity, you must pay attention to compliance standards.
Latest posts by Kayley Melton
- I’m not a doctor; I don’t need to pay attention to HIPAA. Right? - November 10, 2016