In this paper we will discuss how HIPAA violations affect the medical billing process and why HIV and AIDS information is more sensitive than other types of health conditions. We will also examine the social, legal, and ethical ramifications of improper information disclosure. In 1996 on August 21, the Health Insurance Portability and Accountability Act (HIPAA) was enacted by the Federal Government and signed into law by President Bill Clinton (HIPAA – The Health Insurance Portability and Accountability Act, 2011).
According to “Health Insurance Portability and Accountability Act” (2012), “HIPAA does the following; provides the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs, reduces health care fraud and abuse, mandates industry-wide standards for health care information on electric billing and other processes, and requires the protection and confidential handling of protected health information” (What is HIPAA? ). The main reason HIPAA was enacted was to protect patient’s personal health information regardless of its severity.
Their personal health information is just that, theirs! For that reason, among many other, it is very important to know that a patient’s personal health information is not to be shared with any unauthorized person for any reason. Kibbe (2001) states “every practice regardless of its size will have to comply with the HIPAA security, privacy, and transactions regulations” (Key Points). HIPAA has rules and regulations for a reason, and they must be followed. It is important to note that if they are not, there are serious repercussions in which we will discuss a little later on in the paper.
HIPAA has a lot to do with the medical billing process because it is designed to make sure that patient’s demographics are kept confidential. When it is necessary to share a patient’s medical information with an authorized person, only the necessary information is to be shared. However, in order for any of the patient’s information to be shared, regardless of the reason or who with, there must be an authorization form signed by the patient in their file. Without this form, none of the patient’s medical information is allowed to be shared or released regardless of the reason (Valerius, Bayes, Newby, & Seggern, 2008).
Some health conditions like the Human Immunodeficiency Virus, also known as HIV, and Acquired Immune Deficiency Syndrome, also known as AIDS are more sensitive than others. For those who are not familiar with either one of these health care conditions I will give a brief description of each one, and then we will talk about why they are more sensitive. It all starts with HIV which is a non-curable sexually transmitted disease (STD) that weakens your immune system and eventually leads to AIDS. Now, just because HIV is “sexually transmitted”, this is not the only way that one can contract it.
Yes, it is the way it is initially contracted to begin with, but once infected it can be spread several different ways. A person who has HIV can be totally innocent, have never had sexual intercourse or anything of that nature, but still be infected. HIV can be contracted by coming in contact with infected blood, during pregnancy, through childbirth, and breastfeeding. AIDS is the life threating end result of HIV because it prevents your body from being able to fight off the organisms that cause it (Mayo Clinic Staff, 2012).
That being said, because of what they are and what society thinks about these health conditions, the ones infected usually go untreated. Their reasons for going untreated can range from not knowing they are infected to fear of being judged or labeled as something they may not be such as prostitute, drug addict, etc. , as well as breach of confidentiality. Also, because of what society thinks about HIV and AIDS along with the background of the two, if patient confidentiality is broken and the wrong information is released, the patient can become a victim of discrimination because it is so frowned up in our society today.
This is part of the reason why it is so important to follow HIPAA guidelines. HIV and AIDS does not only ruin people’s lives health wise, but if this information is unnecessarily shared, it could ruin their lives by causing them to lose their job, get dropped from their insurance, as well as many other ways. As if HIV and AIDS is not hard enough to cope with or even come to terms with, it makes it even harder to do so when our society is so cruel and judgmental. HIPAA, for this very reason, tried to address some of the healthcare coverage and job related barriers for those suffering from HIV and AIDS.
To aide in this process, HIPAA has three main goals. Their first goal is to protect those with group coverage from being discriminated against and dropped. The second goal is to help small businesses have a better chance of getting and keeping health insurance coverage. Last but not least, the third goal is to give the options of getting individual coverage to those losing or leaving group coverage (Center of Diseases and Control, 2011). These laws that HIPAA has created provides protection that is important to those that suffer from this horrible health condition.
Things like exclusions because of pre-existing conditions are limited, prohibiting denial of coverage or the charge of additional fees for coverage by group health plans because of discrimination against them for a family members past or present poor health, guarantees some individuals and small employers the right to purchase individual health insurance when they have lost job related coverage, and in some cases, guarantees individuals and employers, regardless of any condition of individuals covered, the right to renew coverage (Center of Disease and Control, 2011).
As discussed a little earlier on, there are legal ramifications if the rules and regulations of HIPAA are not followed and patient confidentiality is broken. The Office of Civil Rights, which handles investigations of complaints and enforcement of the law, oversees HIPAA. If a patient feels that there has been a violation of their privacy they can, and they should, file a complaint via written letter, e-mail, or fax to the Office of Civil Rights (OCR) including the following information; the name of the organization and the nature of the alleged violation of privacy.
Once the complaint has been filed, an investigation will then be conducted. At this point, the OCR will gather the necessary information and evidence that will help them to determine whether or not the organization was in fact in direct violation of HIPAA. If after the investigation the organization is found to be in violation of improper information disclosure the OCR will take criminal action and refer the case over to the Department of Justice where legal action will then begin to take place (U.S. Department of Health and Human Services, 2003). The legal ramifications and the level of them for this kind of violation depend on the severity of the violation. If the facility and/or person is found to have intentionally attained or disclosed an individual’s identifiable health information, they can be fined up to $50,000 as well as 1 year in prison. If the offense was committed under insincere or feigned behavior, fines increase to $100,000 and up to 5 years in prison.
Now, if the intention was to sell, transfer, or use the individual’s health information for commercial use, personal gain, or malicious harm, fines then increase to $250,000 and up to 10 years in prison (Amaguin, 2011). Here is the kicker, even if the organization had no knowledge that one of their employees was portraying such dishonest actions, they still get in trouble because they are responsible for all of their employees actions. This is because it is their job to make sure they hire people that can be trusted with this kind of information.
This is the reason why health care providers need to be careful about whom they hire, conduct a very thorough background check, have a thorough and somewhat drawn out interview process, and if the decision to hire an individual is made, they need to go through extensive testing to ensure that they know and are up to date on HIPAA rules, regulations, and policies. In my opinion, the facility is the physician’s livelihood; it is how they pay their bills and support their family. For this reason, I think they should do anything and everything and take every precaution to cover themselves and their assets.
No matter how trustworthy someone may seem, they can always turn around and shock you. People do really dumb and dishonest things sometimes for unexplainable reasons. Even some of the most trustworthy people can be dishonest. In this paper we discussed how HIPAA violations affect the medical billing process and why HIV and AIDS information is more sensitive than other types of health conditions. We also examined the social, legal, and ethical ramifications of improper information disclosure.
- Amaguin, R. (2011).HIPPA Law Protects Against Improper Disclosure of Health Information by Health Care Providers.
- Retrieved from http://www. amaguinlaw. com. Center of Disease and Control (2011)
- HIPPA: HIV & AIDS Laws and Policy. Retrieved from http://www. hivatwork. org/law/hipaa. cfm.
- Health Insurance Portability and Accountability Act. (2012).
- Retrieved from http://www. dhcs. ca. gov/formsandpubs/laws/hipaa/Pages/1. 00%20
- WhatisHIPAA. aspx HIPAA-The Health Insurance Portability and Accountability Act. (2011, July). National Nurse, 107(6), 20-27. Retrieved from