Hipaa And Brokers

Written by Dina Kayed
Bookmark and Share

The rules of HIPAA extend to cover even brokers who sell health insurance. What does this mean for brokers? It means they must implement policies and procedures that guarantee their compliance with HIPAA. This begins with a policies and procedures manual that lays out in detail just how a broker may proceed when the need arises to obtain or release a patient's information.

All brokers involved with a patient's transactions must also have someone appointed to field questions and/or complaints about any potential HIPAA transgressions. Even if these questions arise rarely, the office must still have at least one person designated to respond to these types of inquiries. Since all members of that entity must be trained in HIPPA-compliant behavior, many offices designate this person to hold periodic training seminars to keep people aware of the proper procedures for handling any patient-related information. It's very important that even volunteers or part-time employees be trained, too, since all it takes is one person to give away information that, by law, must remain sealed without the proper disclosure from the patient.

Another important change brokers have had to make to be HIPAA-compliant is with regard to their computer software. All patient information must be kept strictly confidential--it can't be stored in a program that could potentially be accessed by unauthorized personnel. There are software providers out there who have developed secure methods of retaining patient information, using multiple layers of password-protection and other advanced security features.

What Information Do Brokers Need to Protect?

So, just what information is covered by the rules of HIPAA? Any individually identifiable health information is protected by this law. This includes information given over the phone, via email, or via letter. This could be information about a patient's condition (past, present, or future), how much he or she has paid for treatment, or personal data about the patient, including name, social security number, address, photo, birth date, signature, etc.

Bookmark and Share