It's back ... Just when you thought you'd heard the last word about complying with the Health Insurance Portability and Accountability Act (HIPAA), the final compliance phase is just around the corner.
If your organization sponsors anplan, it should already be complying with HIPAA's "privacy rule." That piece of the law, which took effect in April 2003 for larger businesses and April 2004 for smaller ones, requires employers to keep employees' medical data private.
Starting next year, HIPAA's final phase, the so-called "security rule," will require your organization to establish standards to protect the security of employee health information that you keep or transmit electronically. That includes enrollment data, eligibility information and any other individually identifiable benefit data.
Two deadlines, four objectives
The privacy rule and security rule are distinct but inextricably linked. Good priva...(register to read more)