HIPAA (Health Insurance Portability and Accountability Act)
Essentially, this act ensures that patient records remain private and do not become part of the public domain. The government imposes severe penalties for non-compliance with HIPAA.
The HIPAA legislation has four primary objectives:
- Ensure health insurance portability by eliminating job lock due to pre-existing medical conditions
- Reduce healthcare fraud and abuse
- Enforce standards for health information
- Guarantee security and privacy of health information
Potential HIPAA Penalties
- Civil fines of up to $25,000 a year
- Criminal penalties reaching $250,000 and up to 10 years in prison
HIPAA noncompliance can have devastating consequences. It results in severe fines and penalties, but also to litigation and business threatening publicity.
Examples of items to shred due to HIPAA:
- Billing Records
- Computer Disks
- Hard Drives
- Insurance Records
- Patient Correspondence
- Patient Medical Records
- Prescription Information
- Registration Forms
- Sign-in Sheets
The Health Information Technology for Economic and Clinical Health Act (HITECH Act)
The Health Information Technology for Economic and Clinical Health Act (HITECH Act) legislation created to stimulate the adoption of electronic health records (EHR) and supporting technology in the United States. President Obama signed HITECH into law on February 17, 2009 as part of the American Recovery and Reinvestment Act of 2009 (ARRA), an economic stimulus bill.
The HITECH act stipulates that, beginning in 2011, healthcare providers will be offered financial incentives for demonstrating meaningful use of electronic health records (EHR). Incentives will be offered until 2015, after which time penalties may be levied for failing to demonstrate such use. The Act also establishes grants for training centers for the personnel required to support a health IT infrastructure.