Health Insurance Portability & Accountability Act
The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996. As part of the Act, Congress called for regulations promoting administrative simplification of healthcare transactions as well as regulations ensuring the privacy and security of patient information. The Health Information Technology for Economic and Clinical Health (HITECH) Act, enacted as part of the American Recovery and Reinvestment Act of 2009 added to additional regulations to HIPAA.
These regulations apply to covered entities (healthcare providers, health plans and healthcare clearinghouses) who transmit any health information in electronic form in connection with a transaction covered under HIPAA. The Iowa Veterans Home is considered a covered entity under HIPAA as a health care provider.
The HIPAA Privacy Regulations govern the release of protected health information (PHI) and also governs access to PHI and amendment of PHI. Covered entities must provide notice of privacy policies to their clientele, obtain consent and authorization for use of information and explain how information is generally shared, and how patients can access, inspect, copy and amend their own medical record.
HIPAA Security Regulations dictate the kind of safeguards covered entities must have in place to ensure the confidentiality and integrity of electronic PHI.
HIPAA's Breach Notification Regulation dictates the mandatory notification by a covered entity to people who the covered entity has worked with if there is a suspicion that the covered entity improperly disclosed their PHI.
Business Associate Agreement
HIPAA Links Resources
If you have any questions or concerns regarding HIPAA, or how IVH is protecting your health information, please contact:
Iowa Veterans Home
Attn: Privacy Officer
1301 Summit Street
Marshalltown, IA 50158