HIPAA Simplified – Compliance & Privacy
HIPAA’s five main components include:
- HIPAA Title I makes it possible to maintain coverage when your employment changes and you’re on a group plan. It makes it unlawful for group insurance plans to turn down people they don’t want to cover or to build lifetime maximums into contracts.
- HIPAA Title II directs the U.S. Dept of Health and Human Services to establish national standards for processing electronic healthcare transactions. Healthcare organizations are required to implement secure electronic access to health data and to remain in compliance with HHS privacy regulations
- HIPAA Title III introduces new tax rules for healthcare treatments.
- HIPAA Title IV additional reforms of insurance law, with protections for those with pre-existing conditions and individuals who want to maintain their insurance.
- HIPAA Title V guidelines for business owned life insurance policies and how to handle income tax speciﬁcs when someone has their US citizenship revoked.
As an industry leader, ADL Data is committed to helping our health care partners seamlessly navigate the path to compliance. ADL Data has created HIPAA Simplified webpages for this purpose. We intend for HIPAA Simplified to be a living site which will be updated with new information and guidance.
Application Security – Protecting Your Data
The ADL Security module is integrated with the user Interfaces and support all the different Authentication methods that are needed by the various technologies that are integrated with the operating system. Most of these devices have specific drivers and protocols that need to be used. Most are not supported by Microsoft’s Active Directory Services.
The ADL Security module supports Active Directory and the users passwords can be controlled via the Active Directory which will automatically synchronize with the ADL Security module.
Several Levels of Security are provided through the operating System and Microsoft Active Directory, however, there is a need to provide a higher level of security control:
- User Access the system for Non-Microsoft Devices.
- User Access at the User Interface Level – Menu options.
- User Access at the program level (Create, Read, update, Destroy – CRUD)
- Gateway Access for Interchanging data with other Providers and Exchanges.
- Biometric Devices for authenticating identities.
- User Access Across Multiple Facilities controlled by the Organization.
- User Access to communications methods (eMail, SMS, Chat, IM, etc.)
- File Sharing Services
These regulations include:
- ASC X12 version 5010
- Auditing and Accountability
- NCPDP Scripts 10.6
- Eligibility & Authorization
- Claims Management
- Health Plan ID (HPID)
- EFT and ERA Operating Rules
- Claims Attachments Rules
- Operating Rules
HIPAA Omnibus Rule Reference Chart
Covered Entity Charts: Guidance on how to determine whether an organization or individual is a covered
Brooklyn Community Services Policies and Compliance Guide relating to the HIPAA Security Rule