HIPAA Law and What is PHI?
What are the major changes created by the HIPAA/HITECH Rule 2013?
Covered Entities, Business Associates and subcontractors of Business Associates must comply with all portions of HIPAA Privacy and Security 2.0 by September 23, 2013.
There are civil monetary penalties for non-compliance, organized into four categories of violations. The penalty for each violation ranges from $100 to $50,000, and there is a $1.5 million maximum penalty per calendar year for identical violations.
Would this be considered PHI – name, gender, DOB, and coverage status?
No, health information must be included with these identifiers. However, if any financial information is included with this release, this would be covered under Gramm-Leach-Bliley.
Is a life policy with a Long-Term Care rider an example of PHI?
Yes, the Long-Term Care rider has Protected Health Information and is therefore subject to HIPAA. Also, the life policy is covered under Gramm-Leach-Bliley.
How does the HIPAA regulation affect Long-Term Care plans?
Long-Term Care plans are subject to HIPAA and Gramm-Leach-Bliley.
How do these regulations apply to voluntary benefits clients?
If they are health products, they’re covered by HIPAA. Financial products are covered under Gramm-Leach-Bliley.
Do these new rules apply to life policies?
No, they do not—they only apply to health plans. Life insurance and disability are specifically excluded from HIPAA privacy regulations, but are covered under Gramm-Leach-Bliley.