Brief History
Hippa was passed in
1996 for various reasons. Two important ones were
1. Congress recognized the need for privacy and security standards and the potential for abuse and compromise due to electronic medium such as email and social networking that was fast emerging.
1. Congress recognized the need for privacy and security standards and the potential for abuse and compromise due to electronic medium such as email and social networking that was fast emerging.
2. Before Hippa, there
was no Uniformity and rules varied from by state and organization. There was
confusion as to which rules were applicable. The following are a few of the
highlights in Hippa News[i]
over the last decade, this is not an exhaustive list:
·
January 1, 2012 - HIPAA X12
standards Version 5010 compliance date. These standards are for the electronic
transmission of certain health care transactions. Health care providers, health
plans, and clearinghouses are required to conform. These standards are
necessary to prepare for the implementation of ICD-10-CM scheduled for October
1, 2013.
·
May 23, 2008 - National Provider Identifier
Compliance Deadline for Small Health Plans and the end of NPI Contingency
Period.
·
April 21, 2005 - Security Compliance Deadline.
·
July 30, 2004 - Standard Unique Employer
Identifier compliance deadline.
·
October 16, 2003 - Transaction and Code Sets -
expected date of compliance for small health plans and covered entities that
filed a compliance plan to delay implementation.
·
April 14, 2003 Privacy compliance deadline.
·
February 20, 2003 - Security Standards
published.
·
February 20, 2003 - Modifications to
Transactions and Code Sets Regulation and Implementation Guide Addenda
Published.
·
October 16, 2002 - Transaction and Code Sets -
expected date of compliance for covered entities that did not file a compliance
plan to delay implementation.
·
August 14, 2002 - Final modifications to the
Privacy Rule published.
·
May 31, 2002 - CMS announced the adoption of
the EIN as the standard unique identifier for employers in the filing and
processing of health care claims and other transactions.
·
December 28, 2000 - Privacy Final Rule
Published.
·
August 17, 2000 - Transaction and Code Sets
Final Rule Published.
·
August 21, 1999 - Deadline for Congress to
enact legislation governing the privacy of individually identifiable health
information standards. Because Congress failed to meet the deadline, HIPAA requires
the Secretary of Health and Human Services to promulgate such standards by
regulation.
·
November 3, 1999 - Privacy NRPM (Notice of
Proposed Rule Making) published.
·
August 12, 1998 - Security NRPM published.
·
June 16, 1998 - National Employer Identifier
NRPM published.
·
May 7, 1998 - National Provider Identifier
NRPM publishedTransactions and Code Sets NRPM published.
Ferpa, also known as The Family Educational Rights and Privacy Act was signed into law by President Gerald Ford in 1974. Whereas Ferpa protects the privacy of student records Hippa protects the privacy and security of a patient’s health records and information.
Congress has amended FERPA a total of nine times in the nearly 28 years since its enactment, as follows[ii]:
Ferpa, also known as The Family Educational Rights and Privacy Act was signed into law by President Gerald Ford in 1974. Whereas Ferpa protects the privacy of student records Hippa protects the privacy and security of a patient’s health records and information.
Congress has amended FERPA a total of nine times in the nearly 28 years since its enactment, as follows[ii]:
·
P.L. 93-568, Dec. 31, 1974, effective Nov. 19,
1974 (Buckley/Pell Amendment)
·
P.L. 96-46, Aug. 6, 1979 (Amendments to
Education Amendments of 1978)
·
P.L. 96-88, Oct. 17, 1979 (Establishment of
Department of Education)
·
P.L. 101-542, Nov. 8, 1990 (Campus Security
Act)
·
P.L. 102-325, July 23, 1992 (Higher Education
Amendments of 1992)
·
P.L. 103-382, Oct. 20, 1994 (Improving
America's Schools Act)
·
P.L. 105-244, Oct. 7, 1998 (Higher Education
Amendments of 1998)
·
P.L. 106-386, Oct. 28, 2000 (Campus Sex Crime
Prevention Act)
·
P.L. 107-56, Oct. 26, 2001 (USA PATRIOT Act of
2001)
Hippa
and Ferpa are important Federal Laws and fall under Civil Rights category. Any
report of breach in security or confidentiality reported to the Federal
Government is administered by the OCR (Office of Civil Rights. As mentioned
earlier, there was no standard procedure for monitoring and protecting patients
and students privacy. Congress enacted Hippa to improve the efficiency and
effectiveness in the electronic standards of health transactions and to protect
the privacy and security of patients.
Ferpa
on the other hand protects the privacy of student records in those schools that
receive Federal Funding under programs administered by the United States Dept.
of Education. This would include public schools, medical and other professional
schools. Institutions are not allowed to share any personally identifiable or
educational records without the students or parents consent. Private and
religious schools are generally exempt from Ferpa.
Hippa
and Ferpa are very important in the Human Services field for many reasons. On a
personal level, I can say that they facilitate some level of trust between a
patient/student and the institution that possesess such records. In this
current era of identity theft, stalking, and other criminal activity, it
becomes important to secure and protect the privacy of clients who are
entrusting a human services worker with their life’s history. Breaking that trust is detrimental to the
whole meaning of the word service connected
with the word human. We are
attempting to serve human beings who are often vulnerable, for instance,
an abused woman. It is crucial to keep that type of clients’ information secure
and private lest their address becomes public knowledge.
Violations
have happened and the fines can be quite steep from losing one’s job to actual
imprisonment. One example of a violation involves the social network FaceBook. A group of 13
emergency workers started a page with good intentions to just talk about the
day’s activities. However, as is often the case on social networks, people
forget that it is not a very private medium and that it is in fact very public.
People let their guard down and divulge frustrations related to the days
dealings with their clients. That is exactly what happened with this group on
FaceBook and they were fired. The hospital reasoned that anyone who had access
to the page could put enough information together to identify patients.
If your
employer does not have a counseling program set up in house, then perhaps you
may want to suggest one. Employees need a place to safely vent their
frustrations and learn some techniques in dealing with the stresses that
accompany a human service workers job. Expecting employees to “just handle” the
public is unrealistic and counter-productive to providing service to the
public. Also remember that talking about your clients outside of work, no
matter how rude and belligerent they behave, betrays trust and can cost your
job or career. In a worst-case scenario, it can land you some jail time. One of
the best bits of advice is from an ancient proverb, “Do to others as you would
have them do to you.” Remember, you are not only a public servant while on the
job; when you leave the office; you become part of the public. If you had to go
to your office to obtain help, how would you want to be treated? How would you want your records taken care
of? Someone in an office is probably processing some record of yours perhaps
your doctor, lawyer, college, or your dentist.
Hippa
and Ferpa are in place to insure that our information remains private. That
includes becoming a verbal vault that safeguards the public’s privacy. As a
social worker/human services worker, we have a solemn duty to honor those that
depend on us for help when they are often in a crisis emotionally and
physically.
[i]
All Things
Medical Billing ( 2012). History of HIPAA. ONLINE] Available at: http://www.all-things-
hipaa.html. [Last Accessed January 30, 2013].
[ii]
U.S. Department of Education (Last updated June 2002). Legislative History of
Major FERPA
Provisions.
[ONLINE]
Available at:
http://www2.ed.gov/policy/gen/guid/fpco/ferpa/leg-history.html. [Last Accessed
January
31,2013].
