HIPAA EDI Privacy – part of the Anthem’s HIPAA regulations
HIPAA EDI Privacy addresses protecting the privacy of protected health information (PHI). As part of the HIPAA regulations, the government has established some controls. They will limit how, when and where protected health information is shared. Medical information, as well as emographic information, is “Protected Health Information” (PHI). Anthem collects PHI as part of administering your health care benefits. PHI includes both health care information and demographic details. They cover an individual’s address, gender, Social Security number, or date-of-birth. PHI is communicated in any form—electronic, written, or spoken.
Anthem’s commitment to privacy
Anthem is committed to protecting confidential information about its customers. Anthem will comply with the privacy requirements of HIPAA and other laws aimed at safeguarding privacy. Anthem also has its own HIPAA EDI Privacy policies and procedures. These are designed to protect customer privacy. Athem met its compliance obligations with respect to the HIPAA Privacy Rule prior to the April 14, 2003, compliance date. Anthem performed a state-by-state preemption analysis to uncover the discrepancies between the federal Privacy Rule and the laws of the 50 states. They may further restrict the amount of information a health plan may disclose.
HIPAA EDI Privacy Rule borders
HIPAA requires that covered entities make certain their business associates also comply with the Privacy Regulations. Business associates are parties that perform a function or service for a covered entity that involves PHI. For example, certain vendors, brokers, consultants, and third-party administrators (TPAs) can be business associates. The Privacy Rule specifies that covered entities may not disclose PHI to business associates without reasonable assurance. Accordingly, covered entities need to include HIPAA privacy provisions in agreements with its business associates. Such provisions will include specific obligations to safeguard PHI communicated in any form. Self-insured plans need to enter into business associate agreements with all of their service entities that have access to PHI.
Group health plan and health information protection
One of the most confusing aspects of the HIPAA EDI Privacy Rule is its effect on group health plans (GHPs) and employers. A fully insured GHP that neither creates nor receives PHI is exempt from most of the privacy administrative requirements. Regardless of whether they have PHI or not, self-insured GHPs are subject to all of the privacy administrative requirements. They include implementing safeguards to protect PHI from unauthorized use or disclosure, privacy notice requirements, appointment of a privacy officer, compliance documentation and six-year retention requirements.
EDI Academy provides essential information about HIPAA EDI Privacy at our custom-on-training classes. You can learn more at our web-site.