Although the Health Insurance Portability and Accountability Act (HIPAA) has been around for over 9 years it is something that confuses small business owners and if not followed can result in penalties to their business..
HIPAA was passed by congress in 1996 and was designed protect the privacy of an individual’s health information. In April 2004 the Privacy Rule took effect and in April 2005 the Security Rule took effect, both covering the privacy of any individual’s identifiable health care information.
“Now wait a minute”, you’re asking, “How does this affect my business?” If you are a business that services the healthcare industry HIPAA affects your business. It also affects businesses that offer healthcare and keep employee health information on file. A business that doesn’t comply with HIPAA faces the possibility of fines and closure.
To ensure your business is not in violation of HIPAA rules, the following information should be implemented:
Under no circumstances should an employer or employee release information regarding another employee’s health status unless that employee had provided permission in advance. If no permission has been granted, all you are able to do is notify your staff of the employee’s absence.
Anyone who handles health related information must receive HIPAA compliance training. This will provide the individuals with the proper knowledge in handling this information. Without out the correct training your business runs the chance of being sued should any information be improperly released.
Storage of Records
Employee health information should be kept in a secure location and should only be seen by those who are authorized to do so. If any of this information needs to be sent to another location, care should be given to ensure it does not fall in to unauthorized individual’s hands.
Policies and Procedures
This is just another reason to reiterate why your business should have policies and procedures in place. By providing written documentation for your employees, you are spelling out exactly what information cannot be released and why.
Knowledge of State Laws
Some states have laws that supersede those provided within HIPAA. Knowing what state laws your state may have in place will provide piece of mind that you are protecting all aspects of your employees’ health information.
Taking time to implement the above information into your business will help provide peace of mind when it comes to protecting your employees’ health records.
Want more information on HIPAA? Check out the U.S. Department of Health & Human Services website.
Latest posts by Barbara Goldberg (see all)
- The Conundrum Over Small Business and The Affordable Care Act - 11 March, 2014
- The Confusion Over What’s A Small Business - 26 February, 2014
- 7 Tips Your Business Should Take to Prevent Sending SPAM Emails - 10 February, 2014