Health Insurance Portability and Accountability Act

 

 

Welcome!

This website is offered as a service to assist local public health department personnel in North Carolina in their compliance efforts with the Health Insurance Portability and Accountability Act (HIPAA) 1996. HIPAA is a federal law that requires compliance for any health plan, clearinghouse, or provider that creates, sends, or receives protected health information in an electronic format. The requirements outlined by the law and the regulations are far-reaching and, unlike Y2K, HIPAA is an enterprise-wide issue--not an information technology issue. There are legal, regulatory, process, security, and technology aspects to each proposed rule that must be carefully evaluated in each agency. In addition, there are significant criminal and civil penalties for non-compliance, as well as liability risks for unauthorized disclosures of protected health information. There is no quick fix or easy solution to meet HIPAA requirements.

HIPAA was implemented to achieve specific goals for the health insurance system.

  1. Market Reform - i.e. portability of coverage for individuals with no
    waiting periods.
  2. Enhanced fraud and abuse penalties and increased enforcement.
  3. Administrative Simplification - i.e. increased use of information
    technology.
  4. Statutory mandates for health information privacy and security.

Understanding and implementing HIPAA requirements is critical to health care providers to ensure cash flow and to protect the health information of their clients. Compliance strategies and approaches aren't standard because agencies are not standard. The challenge throughout the process is to keep in mind that your approach should be flexible, scaleable, and reasonable. Because technology is changing so rapidly, your organization has the flexibility to choose your own technology solutions. You want to be sure your approach is scaleable in order to provide an economically feasible solution. Finally, be sure the policies and procedures you outline are reasonable and that your organization can ensure compliance. Be careful of adopting policies and procedures that your staff cannot (and will not) follow to avoid creating liabilities for your organization.

While visiting this website, be sure to review the following pages:

  • Resources - For a listing a resources and publications to assist you in obtaining the necessary information to learn more about HIPAA requirements and implementation approaches, click the Resource button.
  • FAQ - For a list of Frequently Asked Questions from the HIPAA Hotline, click on the FAQ button.
  • Updates - For the latest information about upcoming workshops and conferences regarding HIPAA, click on the Updates button.
  • Presentations - For presentations that can be used within your agency to provide staff training, click on the Presentations button.

Interactive Internet Training Modules

In addition to this website, interactive internet training modules are being developed and links will be provided as they become available.

Questions or Comments

If you have questions or need more information about HIPAA, please call
the HIPAA Hotline at 919-715-3358. If you have questions about this website, please contact:

Becky Hart, Web Site Manager
NC Institute for Public Health
Campus Box 8165
UNC School of Public Health
Chapel Hill, NC 27599-8165
Phone: 919-843-6612
Fax: 919-966-5692
E-mail: rmhart@email.unc.edu