Handling Employees' Health Information: HIPAA Targets the HR Department HIPAA BLT Special Issue 11 Business Law Today 2001-2002

11 Bus. L. Today 19 (2001-2002)
Handling Employees' Health Information: HIPAA Targets the HR Department

handle is hein.journals/busiltom11 and id is 89 raw text is:

BIT SPECIAL ISSUE

employees'

heaIth HIPAA targets the HR department
By Ryan D. Meade

informaHonw.1

uried deep within the Heahh
Insurance Portability and
Accountability Act of 1996
(HIPAA) has been a sleeping giant. The
giant has now been awakened by
aggressive new regulations governing
how businesse-s interact with personal
health infonnation, but few outside the
health-care industry realize this, That
will change soon.
Regulations to support IIIPAA were
recently made final by the Department
of Health and Human Services (I IHS)
amid great controversy. The rules are
not only poised to radically change the
delivery of health care in the United
States, but will also affect how compa-
nies that do business vith the health-
Meade is a partner at Katten Muchin
7avis in Chicago. His e-mail is
r3,an.mneadet@lnz.com.

care industry organize themselves to
handle the health information main-
tained by their health-care custoners.
Most employers will also feel HIPAA!s
impact in regulating how they uS tihe
health-benefit information of their
employees. The tentacles of HIPAA will
even reach beyond the borders of the
United States if a hlahh-care company
uses a foreign vendor.
HIPAA was a bi-partisan attempt at
health-care reform, principally focused
on making it easier lir employees to
carry their health insurance benefits
from one employer to another, hence
the portability aspect of HIPAA.
However, one of the reforms HlIP lA
attempted was to mandate a national
system for exchanging electronic
health information between health-
care providers and health plans,
I-tP.A.A charged HHS with the task of

promulgating standard formats for
these exchanges, nainly focusing on
payment transactions.
These standards are known within
the act as administrative simplifica-
tion. But the final HHS regulations are
anything but simple.
Along with, standardizing electronic
health-infortmation exchanges (current-
ly more than 400 distinct systems
exist), I IIPAA also established civil and
criminal penalties [or regulated entities
that breach the privacy and security of
the health information. HIPAA did not
spell out the privacy or security stan-
dards that the health-care industry
would be held to, but left these rules to
he worked out by HI IS if Congress
didn't adopt standards by a certain
date. Congress never met its deadline,
thereby prompting HH5 to promulgate
a series of proposed regulations.

ovemberlocembere2001

Hand ing

01
, IF

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.

Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

What Is HeinOnline?

Purchase Access

Contact Us

Log In

NEED HELP?

CONTACT US

Get started

Subscribe to our Newsletter