Being in the home health care business is no child’s play. We know that all too well. Individuals and families are depending on your company and its health professionals to help them regain health and live a dignified, happy life. On top of such an immense moral and social responsibility, regulatory, administrative, and legal hurdles pop up without fail, becoming yet another distraction in your firm’s mission to serve the people. One such necessary obligation that companies like yours must constantly abide by is compliance with HIPAA guidelines. Being HIPAA compliant is imperative for any entity wishing to be in the medical industry, as patient data privacy is of utmost importance. However, keeping track of yearly updates to this complex set of guidelines and ensuring that there are no data or security breaches is a Herculean effort.
Since the scope of HIPAA compliance is vast, this article focuses on the changes made to its regulations for the year 2020. Below is an overview of what these guidelines cover and how to deal with any potential data breaches. For this year, the significant changes being made relate to Protected Health Information (PHI), Covered Entity (CE), and Business Associate (BA).
Protected Health Information (PHI)
Protected health information (PHI) is any demographic information that can be used to identify a patient or client of a HIPAA-beholden entity. Common examples of such data points include names, addresses, phone numbers, Social Security numbers, medical records, financial information, and full facial photos, to name a few. PHI that is transmitted, stored, or accessed electronically also falls under HIPAA regulatory standards and is known as electronic protected health information, or ePHI. This is regulated by the HIPAA Security Rule.
Covered Entity (CE)
A covered entity is defined as any organization that collects, creates, or transmits PHI electronically. Health care organizations that are considered covered entities include health care providers, health care clearinghouses, and health insurance providers.
Business Associate (BA)
A business associate is defined by HIPAA regulation as any organization that encounters PHI for the work that it has been contracted to perform on behalf of a covered entity. Common examples of business associates affected by HIPAA rules include billing companies, practice management firms, third-party consultants, EHR platforms, MSPs, IT providers, faxing companies, shredding companies, physical storage providers, cloud storage providers, email hosting services, attorneys, accountants, and many more.
If your company was compliant in 2019 and faced no fines, then updating your knowledge of the changes to these three terms will hopefully ensure another year with no HIPAA violations or breaches.
Healthefirst specializes in HIPAA-compliant systems for healthcare providers and other medical businesses, with continued customer support and cutting-edge innovation. Visit https://healthefirst.com/ for further information.