HIPAA Compliance
The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the US Congress in 1996 for the protection of medical information. HIPAA compliance is a requirement that every health care provider must address. Entities covered by HIPAA must develop and implement written privacy policies and procedures that are consistent with the HIPAA Privacy Rules. The organization's security policy must also maintain appropriate administrative, technical, and physical safeguards to prevent the disclosure of protected health information.
HIPAA Compliance Statement
The HIPAA compliance statement should summarize how the entity has complied with the appropriate and applicable requirements of the Health Insurance Portability and Accountability Act of 1996. Health care providers covered by HIPAA, including managed care organizations, health plans and health insurance companies, should also be aware of changes to the Health Insurance Portability and Accountability Act of 1996 that were included in the Economic Stimulus Bill of 2009. The HIPAA compliance statement should include verbiage indicating awareness of the new requirements and state what efforts are underway to implement the new HIPAA requirements as mandated.