Legal or Ethical Health Issues of HIPAA Term Paper

Pages: 10 (2799 words)  ·  Bibliography Sources: 4  ·  File: .docx  ·  Level: College Senior  ·  Topic: Healthcare

¶ … Privacy Rule

HIPAA Ethical Health Issue


Buy full Download Microsoft Word File paper
for $19.77
A number of federal initiatives were attempted to protect the privacy of confidential personal information in the past many decades (HIPAA Specialists, 2005). The House of Representatives formed a Special Subcommittee on Invasion of Privacy in 1965. The former Department of Health, Education and Welfare published "The Code of Fair Information Practice Principles" in 1973 to set up a base for information privacy in the U.S. The principles became the basis for the ensuing federal Privacy Act of 1974. These principles would regulate government use of personal information by limiting disclosure; allow users access information about themselves; require federal agencies to specify the purpose for collecting personal information; and impose civil and criminal penalties for misuse. In the early 90s, the Bush administration discussed ways of reducing healthcare administrative costs with healthcare industry leaders. The industry leaders suggested an increased use of electronic data interchange within the industry. They later formed into the Workgroup for Electronic Data Interchange or WEDI. Its first co-chairmen were the presidents of the Blue Cross and Blue Shield Association and the Health Insurance Association of America, representing commercial insurers. The Workgroup conducted studies on the matter and later recommended the passage of federal legislation to insure consistent standards in all States. Many of its recommendations were adopted by the Clinton Health Plan, which, however, failed to pass. Other legislations also contained these recommendations. Former President Clinton finally signed the HIPAA into law on August 21, 1996 (HIPAA Specialists).

Pursuant to the Act, Congress enacted a medical privacy statute (HIPAA Specialists,

Term Paper on Legal or Ethical Health Issues of HIPAA Assignment

2005). It also called on the Secretary of Health and Human Services for recommendations on the protection of the confidentiality of healthcare information. In recognition of the importance of such standards, Congress gave the Secretary the authority to promulgate regulations on healthcare privacy in case lawmakers would not be able to act on this matter within the three years allotted by law (HIPAA Specialists).


Delivered by Congress in 1996, the Act would protect the health insurance coverage of workers and their families while between jobs (Fortuna, 2012). Its primary task is the creation and establishment of standards for electronic healthcare transactions in the U.S. And to handle issues in the privacy and security of healthcare information (Fortuna).


With its passage on August 21, 1996, the Act contained only Title 1 and Title 2

(Fortuna 2012). Title I deals with the Employee Retirement Income Security Act, the Internal Revenue Code, and the Public Health Service Act. Title 2 deals with the civil and criminal violations in health care and the penalties. The Privacy Rule took effect on April 14, 2003. It covers medical records and payment histories and the use of Protected Health Information or PHI. It allows health insurance subscribers to appeal violations with the Department of Health and Human Services Office for Civil Rights. The Code Set Rules followed in 2005, which compel medical providers to file information electronically. These rules also specify structures for documents, authorize agent requests, inquire into benefits eligibility, set a premium for insurance products, regulate retail pharmacy claims, and specify how to submit billing information. The Security Rule was enacted on February 20, 2003. It provides administrative, physical and technical safeguards in the use and handling of health insurance-related data. These are for the security of the insured, the health insurance company, the company's insurance company, and the insured's family or dependents. The Enforcement Rule and the Unique Identifiers Rules were the last passed and in February and May 2006, respectively. The Enforcement Rule provides the penalties for all violations. The Unique Identifiers Rule covers electronic transactions and provides for a National Provider Identified number or NPI for every entity using health data (Fortuna).

The Reason and Importance of HIPAA

As abovementioned, HIPAA preserves workers' insurance coverage who change or lose their jobs; establishes security standards for electronically transmitted information among providers, insurance companies and employers; protects patient health information; requires patient information about their rights; and standardizes the disclosure of patient information. Simplifying, the reasons for implementing HIPAA are to reduce waste and fraud, increase efficiency, facilitate data analysis, and to insure privacy and security (Czaja, 2012).

HIPAA set forth standards for the storage, maintenance and electronic transmission of healthcare data between providers and insurance companies (Czaja, 2012). HIPAA's maintenance and electronic data transmission will increase privacy and security and thus reduce waste and fraud. The specialized software used is also expected to further standardize and speed up the information sharing process. This will increase efficiency and save time and materials. The Department of Health and Human Services projected an annual savings of $9billion, partly from the simplification of payments for medical services throughout the industry. A third reason is the facilitation of the compilation and analysis of health data as a result of standardization. This form will help research work on national health data. It will also enable the public to be better informed and understand healthcare issues better. And HIPAA Privacy Rule standardized process maintains patient information in confidentiality. Failure to do so will incur heavy penalties. Violating healthcare professionals who illegally leak out protected information can be fined up to $50,000 and a prison term of up to 1 year. If an economic motive is behind the leak, the fine can go up to $250,000 and the prison term to 10 years (Czaja).

Who are Covered

HIPAA Rules apply to all health plans, healthcare providers, and healthcare clearinghouses ()CR, 2003). Health plans include individual and group plans, who and which provide or pay the costs of medical care. Health plans include health, dental, vision and prescription drug insurers, health maintenance organizations, Medicare, Medicaid, Medicare-Choice and Medicare supplement insurers, and long-term care insurers. Employer-sponsored group health plans, government and church-sponsored health plans, and multi-employer health plans are covered as health plans. There are exceptions. A group health plan with less than 50 participants and administered only by the employer an exception. Government-funded programs whose principle function is other than to provide or pay for healthcare costs are another exception. A government-funded program, which directly provides health care, such as the community health center, or provides grants to finance healthcare, is also an exception. Insurance entities, which provide insurance for workers' compensation, automobile insurance and property and casualty insurance, are exceptions (OCR).

Statutory and Regulatory Bases

Sections 261 -- 264 require the Secretary of Health and Human Services to publicize these standards, collectively known as the Administration Simplification provisions (OCR, 2003). The Act also mandated the Secretary to issue privacy regulations for identifiable health information if Congress would not do so within 3 years from the passage of the Act. The Secretary complied with the mandate and developed a proposed rule, which was released for public comment on November 3, 1999. The Department received more than 52,000 public reactions. The Privacy Rule, the final regulation, was published on December 28, 2000. The Department published proposed modifications to the Privacy Rule and received 11,000 comments on these modifications. Final modifications were published in their final form on August 14, 2002 (Czaja).

State Laws

State laws, which are contrary to the Privacy Rule, are overridden by federal requirements (OCR, 2003). it, however, makes exemptions. These are State laws that relate to privacy of identifiable health information and provide greater privacy protection or rights to such information; provide for the reporting of disease or injury, child abuse, birth or death or for public health surveillance, investigation or intervention; and require particular health plan reporting for management or financial audits, for example. In addition, exception will be given if the State law meets any of set conditions. One is if the State law is necessary in preventing fraud and abuse relating to the payment of healthcare. Another is if the State law is necessary in insuring State regulation of insurance and health plans as authorized by statute or regulation. Another is if it is necessary for State reporting on healthcare delivery or costs. Still another is if it is necessary in meeting a compelling public health, safety or welfare need or the Secretary determines that the violation of privacy balances or justifies the need of the one served. And if the State law's principal purpose is to regulate the manufacture, register, distribute, dispense or control controlled substances or what are deemed to be controlled substances by the State law (OCR).

Enforcement and Penalties

HHS will help covered entities in complying with HIPAA rules (OCR, 2003). Affected entities or persons may file complaints with the HHS. The Privacy Rule also sets forth the responsibilities of these covered entities to provide appropriate data, records and compliance reports. They are also to cooperate with or allow the access to, investigation and compliance reviews of the particular information (OCR).

Civil monetary or criminal penalties may be imposed with the failure to comply with a requirement of the Privacy Rule (OCR, 2003). The civil penalty will not exceed $25,000 per year. There will be… [END OF PREVIEW] . . . READ MORE

Two Ordering Options:

Which Option Should I Choose?
1.  Buy full paper (10 pages)Download Microsoft Word File

Download the perfectly formatted MS Word file!

- or -

2.  Write a NEW paper for me!✍🏻

We'll follow your exact instructions!
Chat with the writer 24/7.

Ethical and Legal Perspectives in Health Care Essay

HIPAA Confidentiality Essay

Ethical and Legal Perspectives in Health Care Case Study

Ethical and Legal Perspectives in Health Care Essay

HIPAA Privacy and Confidentiality Thesis

View 200+ other related papers  >>

How to Cite "Legal or Ethical Health Issues of HIPAA" Term Paper in a Bibliography:

APA Style

Legal or Ethical Health Issues of HIPAA.  (2012, June 25).  Retrieved April 5, 2020, from

MLA Format

"Legal or Ethical Health Issues of HIPAA."  25 June 2012.  Web.  5 April 2020. <>.

Chicago Style

"Legal or Ethical Health Issues of HIPAA."  June 25, 2012.  Accessed April 5, 2020.