Indiana Security & Privacy Network

Frequently Asked Questions

Can you give me an executive overview of HIPAA?

HIPAA stands for the Health Insurance Portability and Accountability Act. Title II of this federal law is being defined and implemented currently. Any organization that has access to patient information and communicates electronically may be subject to HIPAA regulations. Violation of the regulations can result in fines and even prison sentences.

Title II of HIPAA consists of three basic components:

Privacy

Security

Transaction and Code Sets

Privacy provides regulations to assist you in developing policies and procedures to assure that patient information available to you is only used to accomplish your job on the client’s behalf and with their agreement.In addition, privacy will result in legal agreements between your organization and others who share protected patient information. The privacy regulation will most likely require the most effort to implement in an organization.

Security provides regulations to assist you in developing policies and implementing software, assuring that individuals can not access electronic information which is not required to perform their job.

Transactions and Code Sets provides regulations to reduce the cost of maintaining computer systems by defining standardized file layouts (transactions) and code sets (data domain within a transaction).


Where do I start?

Where you start may differ from one organization than another. Check out the “Steps To HIPAA Compliance” by Premier Solutions, Inc.


What resources are available?

See the Indiana Security & Privacy Network Resources page.