The health sector is the most significant and important sector in the US today, being valued at $5 trillion. This makes the Health Insurance Portability and Accountability Act of 1996 (hereinafter HIPAA) the most common regulation. The primary purpose of HIPAA is to protect the Personal Health Information (PHI) of US citizens (Mohammed, 2017).

In the early 1990s, the American health sector was faced with many challenges. Many Americans were worried about their health insurance; the states could not regulate the health insurance of people who chose self-insurance; self-insured companies could not cover terminal diseases of family members of their employees; self-employed persons could not afford insurance premiums; and there was the fear of disclosure of private and sensitive medical information.

HIPAA came into action in 1996 under the Clinton administration. The regulation focused on protecting health insurance coverage for people who had insurance at a previous job. It also focused on the protection of PHI, as it directed Congress to pass a health privacy regulation within three years (Tillery and Tillery, 2017). Some amendments have been made to this act, with the recent one being in 2013, when the Department of Health and Human Services (HHS) made some modifications to the HIPAA of 1996. The primary focus of the amendments was on the privacy rules.
PRIVACY AND SECURITY UNDER HIPAA

Before HIPAA, there were no set standards to protect PHI. With technological advances that have seen the industry moving away from paper to relying heavily on electronic information systems, confidentiality has remained a critical issue. Protection of PHI is therefore a widely held mission of the public and lawmakers. HIPAA ensures that PHI is kept secure from any action that would threaten confidentiality (Goldenberg and Grantcharov, 2017).

The HIPAA privacy rule provides national standards to protect PHI. The rules apply to health plans and anyone in the health sector who carries out electronic health care transactions. The general rule is that a covered entity may not disclose PHI except if the individual gives authorization in writing or by waiver in writing by the institutional review board (IRB). Covered entities are mandated to disclose information to the individuals, and to the HHS when it is undertaking an audit or enforcement action.

The HIPAA security rule provides protection for an individual's electronic PHI generated, received or held by a covered entity. It requires organizations (covered entities) to put administrative, physical and technical measures in place to ensure the confidentiality, integrity and security of electronic PHI.
The Department of Health and Human Services (HHS) and the Office of Civil Rights (OCR) are in charge of the administration and enforcement of the privacy and security regulations.

Penalties

The HHS may impose a civil sanction of $100 on covered entities each time they fail to observe the privacy rule requirements. There is a set maximum for the civil penalty, which is $25,000 per year for multiple violations of the same condition. Exemption from this penalty is available when the violation is due to reasonable cause, is involuntary, or has been corrected within 30 days of realization of a breach.

Criminal sanctions may be levied on a person who consciously acquires or discloses PHI against the HIPAA rules. The person faces a fine of $50,000 and up to 1 year behind bars. A person who knowingly obtains and discloses PHI under false pretenses faces a fine of $100,000 and up to five years behind bars. A person who acquires and reveals PHI with the aim to vend, transfer or use it for monetary profit faces a fine of $250,000 and up to ten years behind bars.

Cited Work

Goldenberg, M., & Grantcharov, T. P. (2017). Enhancing Clinical Performance and Improving Patient Safety Using Digital Health. Digital Health, pp. 235-248. https://link.springer.com

Mohammed, D. (2017). U.S. Healthcare Industry Cyber security Regulatory and Compliance Issues. Journal of Research in Business, Economics and Management. www.scitecresearch.com

Tillery, S. M., & Tillery, T. N. (2017). Applications in Employee Benefits Planning.

United States Department of Health and Human Services. OCR Privacy Brief: Summary of the HIPAA Privacy Rule.