• LinkedIn
  • YouTube
  • Twitter
  • Facebook
  • Google+

HIPAA deadline nears; keep staff medical data private

by on
in Employee Benefits Program,Human Resources

Last year, the federal Health Insurance Portability and Accountability Act (HIPAA) required companies that sponsor large health care plans (more than $5 million in premiums or claims) to start complying with new privacy rules.

This year, it's your turn. Starting April 14, smaller businesses that fall below the $5 million threshold must comply.

The basic privacy premise of HIPAA remains straightforward: Companies can't disclose personal information related to an individual's health care except to the employee directly, to the government or if a signed consent form grants the OK to carry out treatment or payment.

What that means for you:

Don't disclose personal health information or use it to hire, fire, promote or evaluate employees' time off requests. Obtain a copy of your health plan's privacy guidelines, which it must provide you by law. The document should spell out what individual information your health plan can legally make available.

Double-check employee files for personal medical data, and make sure they comply with HIPAA regulations. If you have questions, check with your health plan or lawyer.

Create a policy that prevents misuse of health information. Handle HIPAA privacy compliance yourself or designate a trusted manager.

Make sure your health plan's marketing materials include the latest HIPAA regulation disclosures.

Final notes: HIPAA exempts self-administered health plans with less than 50 employees. But even if you believe your company doesn't need to comply, it still must avoid being sloppy with medical data files. Why? Because other existing federal laws make your company responsible for securing employees' medical information.

To learn more, go to www.hhs.gov/ocr/hipaa/smallbusiness.html.

Free E-visory report:


'How to Comply With HIPAA's Health Care Privacy Rules'

For a free, two-page primer on the federal government's rules for keeping employee medical data confidential, obtain a copy of our E-visory report, How to Comply With HIPAA's Health Care Privacy Rules. Research Recommendations subscribers can receive a free copy at www.research-recs.com/extra.

Leave a Comment