HIPAA seeks to prevent fraud or abuse of the healthcare system

Description: HIPAA defines ‘Protected Health Information’as any information pertaining to the health status of individual

Simple understanding of the HIPAA Privacy Rule

HIPAA Privacy Rule is one of the five rules formulated for administrative simplification. Administrative simplification is addressed in Title II of Health Insurance Portability and Accountability Act, or HIPAA. Along with administrative simplification, the Title II of HIPAA through the major five rules aims at defining offenses related to healthcare, has programs in place to prevent fraud or abuse of the healthcare system and sets penalties for such offenses. This is very evident in the Privacy Rule regulations.


The Privacy Rule applies to the entities called as ‘covered entities’ by HIPAA. Theseconsist of all the entities involved in the healthcare system like the health insurance companies, community health information system, medical providers, healthcare billing services, healthcare clearing houses, healthcare claims administrators, and any big or small healthcare facilities.

Essence of Privacy Rule

HIPAA defines ‘Protected Health Information’ (PHI) as any information pertaining to the health status of individual, healthcare provisions and the payments made for such provisions of healthcare that can be linked to an individual. The Privacy Rule in essence regulates the use or disclosure of protected health information by the covered entities.

Rights of the individual to whom the PHI pertains

  1. The PHI must be disclosed to the individual it is pertaining to if the individual requests for the same
  2. The individual has the right to request for correction of inaccurate information
  3. The individual should be notified if the PHI is shared with other covered entities.
  4. The individual can specify the modalities of communication and it should be adhered to in order to protect confidentiality.

Regulations for the covered entities

  1. The PHI must be disclosed to the law when required to do so by law. For example, when reporting child abuse or domestic violence to the child welfare agencies, the PHI may be required to be disclosed.
  2. Reasonable steps must be taken to ensure confidentiality while communicating about the PHI
  3. PHI may be disclosed for the purposes of further provision of treatment or payment, only to the extent necessary.
  4. PHI may be disclosed after an authorization by the individual to covered entities
  5. The covered entities must hire privacy official and a contact person for receiving complaints regarding violation of Privacy Rules
  6. 6.   The workforce must be trained on PHI related communications.


Phone: 800-447-9407
Fax: 302-288-6884Image

Author: GlobalCompliancePanel-Training

GlobalCompliancePanel is an online training gateway delivering high quality regulatory & compliance trainings in a simple, cost effective and in a user friendly format.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s