The Privacy Rule of the Health Insurance Portability and Accountability Act (HIPAA) establishes standards to protect and guard against the misuse of individually identifiable health information. Many departments simply do not obtain such private health information in the normal course of conducting Psychology experiments.

A - VirtuCARE supports customer compliance with HIPAA privacy and security rulemaking through the use of enhance security functions including audit trail management, view rights based on user roles and/or by individual, encrypting linking and secure socket layers (SSL).

All healthcare providers, health plans, payers, clearinghouses, and other entities that process health data must comply. The employee benefit plans that we offer to our employees are covered under HIPAA.

Acusis Customer area contains current information, links to related information, HIPAA equipment recommendations, and e-mail notification of security alerts.

These entities are bound by the privacy standards even if they contract with others (business associates) to perform some of their essential functions. The law does not give the Department of Health and Human Services (HHS) the authority to regulate other types of private businesses or public agencies (such as employers, life insurance companies, or public agencies that deliver social security or welfare benefits).

Covered entities and the entities with whom they share Protected Health Information (PHI) must comply with HIPAA. A covered entity is: A health care provider who transmits protected health information in electronic form in connection with a transaction covered by the HIPAA transactions regulation. (HHS Regulations Definitions 160.103)

The US HIPAA Security Rule requires healthcare organizations to "Implement hardware, software, and/or procedural mechanisms that record and examine activity in information systems that contain or use electronic protected health information." (Section 164.312). This rule poses a significant challenge for healthcare organizations since most of them do not maintain detailed logs of user access to sensitive data.

Acusis meets all current HIPAA regulations. In fact, we actively monitor new HIPAA regulations that are in review and development.

All health plans, clearinghouses, and providers who choose to exchange data electronically must comply with HIPAA requirements. These requirements do not pertain only to providers receiving federal funds.

The federal government enacted the Health Insurance Portability Act of 1996 (HIPAA) with the intent to assure health insurance portability, reduce healthcare fraud and abuse, guarantee security and privacy of health information, and enforce standards for health information.

Security standards to provide physical, technical and administrative safeguards to protect the integrity, availability and confidentiality of health information. Privacy standards to ensure administrative and physical safeguards to protect the privacy and confidentiality of health information, and to protect against unauthorized access.

A signed HIPAA authorization will be required for newly consented study participants starting April 14, 2003, or the project must have a Waiver of Authorization approved by the IRB. Participants who signed consents prior to April 14, 2003 do not need to be reconsented. Although federal regulations allow the HIPAA language to be included in the consent, California law requires a separate "stand-alone" HIPAA authorization form, which is also available in a Spanish language version.

Under the standard method, you receive credit for your previous coverage that occurred without a break in coverage of 63 days or more. Any coverage occurring prior to a break in coverage of 63 days or more is not credited against a preexisting condition exclusion period. To illustrate, suppose an individual had coverage for 2 years followed by a break in coverage of 70 days and then resumed coverage for 8 months.

Outpatient treatment such as medication, individual or group counseling, or other therapy may be needed. If an individual does not comply with the mandated treatment (one example is noncompliance with medications), Section 306 of the Act provides that he or she may be mandated to have a hearing to determine the need for treatment in a more restrictive setting.

No. Many providers are frustrated because we cannot be more concrete. Some parts of the law are vague. Some of the vague parts will be ironed out in future litigation; but for now, HIPAA leaves it to individual providers. HIPAA uses the term "reasonable," as in "reasonable" for your business. Everything under HIPAA is also "scalable." With privacy, if you are a large hospital, you might get in trouble for doing something that a small provider could get by with.

Most people who use HHS FAQs are not subject matter experts, so explain unfamiliar terms for them or link to a glossary. Try other techniques for explaining terms such as providing a synonym or a written or visual example or illustration. Spell out terms the first time you use them in each FAQ, followed by the correct abbreviation or acronym in parentheses; use only the abbreviation after the first use