Health Insurance Portability and Accountability Act or HIPAA is a federally enacted law, although if the state has stricter guidelines healthcare providers must fallow the state’s law. For example HIPAA requires the health care provider to keep documents for 6 years after the last date of service, and the state requires health care providers to keep documents for 10 years after the last date of service, than the health care provider must fallow the states guidelines for these types of things.
There are many key facts that a health care employee should know about the HIPAA law. On the first date of service the patient must be presented with a written HIPAA notice, although they are not required to sign the notice to receive treatment. The health care provider must have record of a good faith effort, and document the refusal with a reason for the refusal as well. The HIPAA notice must be written in plain language, state the rights the patient has, how their protected health information (PHI)is used and disclosed, and how to contact HIPAA with questions or complaints. Health care providers must promptly revise and distribute notices when there are any changes. Spoken, written, and electronic information are all protected under HIPAA.
HIPAA stresses to health care providers that they must avoid incidental use and disclosing patient information. Violation of this can result in severe consequences such as civil fines of up to $50k, 1 year in prison or both, obtaining information on false pretenses result in 5 years of prison time or $100k in fines, or both, If protected