Opticare Home Page

HIPAA Information

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) amended the IRS Code of 1986. The federal government enacted HIPAA legislation to:

  • ensure health insurance portability and continuity
  • guarantee the integrity and confidentiality of health information
  • improve the operations of health care systems
  • reduce waste, fraud, and abuse in health insurance and health care delivery

HIPAA is divided into three segments: Privacy, Transaction Codes and Data Sets, and Security.

Privacy
Department of Health and Human Services issued final Privacy Regulations in August 2002 intended to secure Protected Health Information (PHI) transmitted through Electronic Data Interchange (EDI). The federal government requires full HIPAA compliance from all covered entities by April 14, 2003. A Covered Entity is a health plan, a health care clearinghouse, or a health care provider who transmits health information electronically. All Business Associates must also be HIPAA compliant with Privacy regulations by the effective date. Business Associates perform health care operations involving use/disclosure of PHI on behalf of Covered Entities.

OptiCare’s staff has been trained on HIPAA Privacy legislation and its impact on daily operations. Policies and procedures are functional, meeting HIPAA requirements, and OptiCare is fully committed to being compliant with the HIPAA Privacy Rules by April 14, 2003.

Transaction and Code Sets
Transaction and code sets (TCS) are the standard transaction formats and associated code sets mandated by HIPAA. OptiCare is working currently on TCS and will be compliant by the deadline of October 16, 2003.

Security
OptiCare expects to be compliant with all HIPAA Security regulations by the effective date in 2005. The federal government enacted security legislation to:

  • establish administrative procedures for PHI Integrity
  • establish physical safeguards for PHI
  • establish technical security measures (e.g., limited access)
  • establish security measures for PHI transmitted over a network

Existing security controls required under the Privacy Rule are currently in place.