One of the Resource Center's features is an on-line risk assessment tool that can help speciality physicians quickly determine what their practices must do to become HIPAA-compliant. Supporting the risk assessment tool is a Top Ten List providing physicians with a quick reference on HIPAA's key requirements and their impact on the speciality practice. Neurologists, dermatologists, allergists, and cardiologists will find a HIPAA Resource Center located on the Medical Specialty Hub designed for their speciality practice. The HIPAA Resource Center is also accessible via Salu's corporate Web site. In addition to offering comprehensive information ranging from summaries of key HIPAA requirements to a discussion on the benefits of these requirements, the Resource Center helps the speciality practice structure its compliance plan into manageable steps by offering practical guidelines in the section "Complying with HIPAA".
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a broad piece of legislation aimed at reforming health care and recognising the health care industry's increased use of, and reliance on electronic technology. It was signed into law in 1996. The portion of HIPAA legislation dealing with medical privacy and protecting the security and confidentiality of personal health information took effect in April 2001. The rules cover not only paper records, but also computer files and oral communications. The rules require accountability for how a medical practice uses and discloses patient information and establishes specific rights a medical practice must afford its patients. Health care providers and insurers have two years to come into compliance with this section of the legislation.
Complying with HIPAA includes two basic requirements designed to help the speciality practice design its own compliance programme. These consist in, first designating a privacy officer who is responsible for implementing and overseeing the privacy policies and procedures for the practice; and, second, documenting the policies and procedures for protecting the privacy and security of personal health information. Salu's Chief Privacy Officer Jay Eisenberg, M.D., recommends tasking the privacy officer with the first and most critical step in developing a compliance plan, which is performing a risk assessment. Physician-members of Salu's Medical Specialty Hubs are able to access a risk assessment survey in the password-protected "Manage Your Practice" section. The privacy officer can also help assess the policies and procedures the practice has in place and how they will need to be amended to comply with the new requirements.
In addition to Complying with HIPAA, other sections within the Resource Center include:
- HIPAA and Medical Practices, which highlights key features of the law and explains how each will impact the medical practice
- What is HIPAA?, which describes the history behind this broad piece of legislation and its two main components: portability and administrative simplification, the latter of which establishes requirements for privacy and security
- Benefits of HIPAA, which covers the tremendous value of HIPAA for patients and the practice office staff
- Privacy and Security Overview, which provides a historical context for the current legislation