Last year, the federal Health Insurance Portability and Accountability Act (HIPAA) required organizations that sponsored large health care plans (more than $5 million in premiums or claims) to start complying with new privacy rules. Starting April 14, smaller organizations that fall below that $5 million threshold must comply.
The basic privacy premise of HIPAA remains straightforward: Organizations can't disclose personal information related to an individual's health care except to the employee directly, to the government or if a signed consent form grants the OK to carry out treatment or payment.
For more details, access a copy of How to Comply with HIPAA's Health Care Privacy Rules at www.you-and-the-law.com/extra.
- Do your health assessment questions violate new GINA law?
- Employee's religious belief doesn't let her dictate your business
- Understanding the new 'grandfathering' rules
- Direct deposit requires employee's written consent
- Lessons from the 2006 SHRM conference: Do you really need to offer that employee benefit?