The Health Insurance Portability and Accountability Act (HIPAA) of 1996 requires health care providers and organizations, as well as their business associates, to comply with Federal HIPAA standards and provisions detailed in 45 CFR. This includes developing and following procedures that ensure the confidentiality, privacy, and security of patient healthcare records, plans and Protected Health Information (PHI) when it is transferred, received, handled, or shared. This applies to all forms of PHI, including paper, oral, and electronic.
Failure to follow these procedures may compromise the security and privacy of PHI, thereby resulting in a potential HIPAA violation and fine. In these instances, CDA’s Information Security Officer will be notified and will contact the center.