As a publisher, All Medicare is not regulated by Public Law 104-191 (Health Insurance Portability and Accountability Act). However, AllMedicare.com takes every precaution required by HIPAA standards for the protection of an individual’s personally identifiable health information. Specifically, all personal information collected for the purpose of providing Medicare insurance information is fully encrypted in All Medicare’s database. Additionally, access to the data is restricted to the webmaster and the consultant creating reports. Records containing an individual’s personally identifiable health information are purged immediately after the data is used to provide the requested report. All Medicare does not sell, share, or otherwise use the information provided for purposes other than the service requested by an individual.
What is the Health Insurance Portability and Accountability Act (HIPAA)?
The 1996 Health Insurance Portability and Accountability Act (HIPAA), Public Law 104-191, contains provisions that require the Federal government to adopt privacy protections for personally identifiable health information. These provisions required HHS to adopt national standards for electronic healthcare transactions and code sets, unique health identifiers, and security. These standards are defined by three rules.
The HIPAA Privacy Rule
The HIPAA Privacy Rule establishes national standards for protecting individuals’ medical records and personal health information, and applies to all health plans, clearinghouses (middlemen between the healthcare providers and the insurance payers), and healthcare providers who conduct certain electronic healthcare transactions. The Rule establishes safeguards to protect personal health information and limits the use and disclosure of that information without the patient’s authorization. Patients also have rights under the Rule to access and request corrections to their health information.
The HIPAA Security Rule
The HIPAA Security Rule establishes national standards for protecting individuals’ electronic personal information. This includes any data that is created, received, or used by covered entities. To ensure the confidentiality, integrity, security, and privacy of electronically protected healthcare information, the Security Rule requires that appropriate administrative, physical, and technical safeguards be in place.
The HIPAA Enforcement Rule
The HIPAA Enforcement Rule contains provisions relating to compliance and investigations, the imposition of civil money penalties for violations of the HIPAA Administrative Simplification Rules, and procedures for hearings. 45 CFR Part 160, Subparts D, C, and E codify the HIPAA Enforcement Rule.