HIPAAlinks:
Specific Covered Entity Groups

Academic Medical Centers

• Guidelines for Academic Medical Centers on Security and Privacy: Practical Strategies for Addressing HIPAA
  A tool to assist AMCs (and others in the healthcare industry that regularly interact with them) in addressing the HIPAA security and privacy regs.
  
  
• Universities and HIPAA:
  
  • New York University School of Medicine
  • Oregon Health & Science University
  • Stanford University Medical Center
  • University of Alabama at Birmingham
  • University of California, San Francisco Medical Center
  • University of Kentucky Chandler Medical Center
  • University of Minnesota, Privacy and Security Project
  • Yale University
    

Accounting

Guidelines from the American Institute of Certified Public Accountants (AICPA) for CPAs assisting health care providers in complying with HIPAA. The brochure entitled, An Overview of HIPAA: The Role of CPAs in Privacy Compliance (PDF), includes a checklist of more than 50 questions CPAs should ask when assessing a health care providers preparedness.

Assisted Living

• The National Center for Assisted Living (NCAL)'s user-friendly "HIPAA Privacy Rule: An Assisted Living Manual" aids in assisted living facilities’ compliance with the HIPAA privacy regulations.

Athletic Trainers

• How will the HIPAA final Privacy Rule impact you as an athletic trainer?
  The National Athletic Trainers' Association (NATA) provides information about the HIPAA regulations as a service to its members. Portions of HIPAA will affect the way athletic trainers communicate and otherwise handle medical records and information of their patient population.

Banks

• MedicalBanking Project's Knowledge Center is a public reference source for White Papers, articles, cross-links and other resources related to issues in "medical banking convergence," defined as the latent integration of banking infrastructure with healthcare administrative operations.

Biotech

• Analysis: The HIPAA clock is ticking
  With the first deadline to implement new medical record regulations less than a year away, bioscience companies should be taking a hard look at whether these complicated federal mandates will affect them.
  

Chiropractic (Chiropractors)

• Everything You Ever Wanted to Know about HIPAA — But May Still Be Afraid to Ask
  From Dynamic Chiropractic
  
  
• American Chiropractic Association includes sample consent and authorization forms, a Notice of Privacy Statement, and Business Associate Agreement for its members.
  

Clinicians

• The American Society of Clinical Oncology (ASCO) has developed a list of frequently asked questions to assist its members in complying with the HIPAA Privacy rule:
  • ASCO Model Forms and Policies for Compliance with the Federal Privacy Rule
    
    
  • FAQ: HIPAA Privacy Regulations (updated October 2002)
    
    
  • Policy Statement: Medical Records Privacy (approved October 2000)

Dental Practices (Dentists)

• National Dental EDI Council (NDEDIC) provides information on HIPAA that pertains to Dentistry and Dental Benefits.
  
  
• American Dental Association (ADA) HIPAA Guidance
  The ADA maintains a dedicated page on its site to educate its members on the implications of HIPAA.
  
  
• Protecting Patient Privacy
  HIPAA will require dental practices to protect patient privacy by securing their records. Begin the process now!

Employee Benefits

Employers (see also Human Resources)

• Ready Or Not, Here Comes HIPAA by Tonya Vinas, IndustryWeek, April 1, 2003
  HIPAA will give employees more control over health information, but unfortunately, there will be more steps and procedures in place in order for employees to have more control and protection over health information.

• Employers Face Strict Medical Privacy Rules by Melissa Fowler, Dayton Business Journal, January 24, 2003
  Analysts say mid-sized and large employers need to be just as ready as doctors, hospitals and insurance companies to comply with federal privacy rules that go into effect this spring. Organizations may conclude 'I'm not in the medical business; I don't handle data, so I figure it doesn't apply to me - or my insurance carrier is probably complying, so I don't have to.'" But the deadline also applies to companies that contract with an insurance company and pay at least $5 million in health care premiums a year as well as to companies that are self-insured and pay $5 million worth of claims annually. According to Paul Routh, a Dayton-based attorney specializing in employee benefits, most companies with 500 or more employees will fall under HIPAA.

Governments, State & Local

• HIPAA's Impact on State Governments (PDF)
  Appendix III of PriceWaterhouseCoopers' white paper, "HIPAA's Myths, Practical Realities and Opportunities."

• Minnesota Answers HIPAA’s Call
  Greg Anderson had two choices when he learned what states had to do to comply with HIPAA. Minnesota’s supervisor of e-commerce and electronic data interchange for the Department of Human Services needed to procure a new system or redesign the current one. Anderson chose the latter, putting Minnesota ahead of many other states in complying with the federal mandate.
  

• Governing.com's Guide to Health Care Technology: The HIPAA Headache
  It’s complex, costly and confusing. Most states are still trying to figure out what the law that standardizes electronic health data is all about.
  
  
• HIPAA Government Information Value Exchange for States (GIVES) is a collaborative state government health care focus group resulting in the sharing of information through a clearinghouse highway and providing a forum for discussing and resolving issues in meeting HIPAA legislation.
  
  
• State Government White Paper written by GIVES members and other contributors describing the unique challenges and options available to State Governments as they implement HIPAA compliance.
  
  
• HIPAA & the States: Critical Issues and Compliance Strategies issue brief for states as they implement HIPAA.
  
  
• County HIPAA listserve available through Yahoo!Groups is for local government HIPAA coordinators to share information and get questions answered about their compliance efforts.
  

Health Plans

What HIPAA Means to Health Plans from HealthLeaders

Hospitals

• Report on the Impacts of the HIPAA Final Privacy Rule on Hospitals
  The American Hospital Association (AHA) commissioned a study, published in late March 2001, by a reputable large accounting firm to provide compliance cost estimates related to HIPAA and some other legislation applicable to hospitals.
  
  
• What HIPAA Means to Hospitals from HealthLeaders

Human Resources

Minority, Sick Workers Fear Misuse of Health Data by Kathy Gurchiek, HR News, December 2, 2005
Keeping personal health information private is a concern among a majority of US consumers, most of whom worry that employers will use their medical data to limit their job opportunities, according to the National Consumer Health Privacy Survey 2005.

From the Jackson Lewis Employee Benefits Practice Group:

• Updated Guidance Precedes Upcoming Deadline For HIPAA Privacy Compliance
  
  
• Federal Rules Require Covered Employers to Limit Use and Disclosure of Protected Health Information, Preventive Strategies, Spring 2002
  

Employee Health Benefit Plans

• Employee Health Benefit Plans: The Forgotten Covered Entity
  Federal HIPAA regs treat employee health benefits plans as separate legal entities, distinct from their employer sponsors. Depending on how these health plans provide their benefits, they may be subject to some, or all, of the administrative simplification regulations.
  

Journalists

• HIPAA and Newsgathering by Andrew M. Mar and Alison Page Howard, Davis Wright Tremaine LLP
  Fortunately, HIPAA does not regulate what the media can report about. Nonetheless, journalists should be prepared to deal with and, if necessary, challenge, the manner in which agencies they cover interpret these regulations.

Labs

• HIPAA Will Bring Major Change to Industry Routines, But Labs Have Certain Advantages in Compliance from Lab Economics magazine

Marketing (Marketers)

• Will HIPAA Prompt Greater Scrutiny of Sensitive Consumer Data? by Kristen Bremner, DMNews, February 3, 2003
  Though new medical privacy regulations under HIPAA may not affect the list industry directly, they could lead to scrutiny of other data collection and handling practices. The Direct Marketing Association released a fact sheet last month to help marketers determine whether new privacy provisions of HIPAA apply to their business practices.
  
  
  • DMA fact sheet on HIPAA

Optometry / Ophthalmology Practices (Optometrists / Ophthalmologists)

• HIPAA and the New Privacy Regulations
  It is clear that the privacy rules will affect each and every optometry practice that electronically transmits data, either from their own office or through a billing company, in connection with the claim for payment for optometry services.
  
  
• Six Ways to Prepare for the HIPAA Privacy Standard

  From "Ophthalmology Management":

  • The Right Reaction to HIPAA
    
    

From "Review of Optometry":

• Will HIPAA Revisions Cozy to Doctors at Cost to Patients?
  
  
• Power Up The Shredder

Pharmacies (Pharmacists)

• Get Hip to HIPAA by Joseph Tarnowski , Progressive Grocer, February 15, 2003
  Pharmacies must soon comply with the new federal rule to protect patients' privacy. It's a lot of work, and there's little time to do it.
  
  
• HIPAA: Final Countdown? by Carol Ukens, Drug Topics Online Magazine, October 21, 2002
  April 14 is pharmacy's D Day, as in Deadline Day, when Uncle Sam expects the healthcare industry to be in compliance with the HIPAA mandate. But with only six months to complete a daunting to-do list, some question whether it's possible to turn the healthcare ship around in time.
  
  
• The National Association of Chain Drug Stores' (NACDS) HIPAA Privacy Compliance Program helps pharmacies and their business associates comply with the HIPAA privacy standards, considered the most difficult regulatory challenge facing pharmacies today.

Physician Practices

Family Physicians

• American Academy of Family Physicians (AAFP) HIPAA Resources
  Provides high-quality, reliable information and offers assistance to physicians who are preparing for HIPAA compliance.
  
  
• Ten Questions to Ask Your Vendor
  If you haven't been contacted about HIPAA compliance by your practice management software vendor, it's time to become proactive, says the AAFP director of health information technology.
  

• How to "HIPAA" – Top 10 Tips (PDF)
  The American Medical Association (AMA) offers a free booklet of tips with detailed explanations for physicians as they work to comply with HIPAA administrative simplification provisions.
  
  
• What HIPAA Means for Physicians from HealthLeaders

Psychiatry/Psychology Practices (Psychiatrists/Psychologists)

• HIPAA Compliance Guidelines from the American Psychiatric Association (APA):
  
  • "Minimum Necessary Guidelines for Third-Party Payers for Psychiatric Treatment" APA Position Statement (PDF)
  • "Psychotherapy Notes Provision of the HIPAA Privacy Rule" APA Resource Document (PDF)
  • "Documentation of Psychotherapy by Psychiatrists" APA Resource Document (PDF)
    
• HIPAA Resource from the American Psychological Association (APA) Practice Organization and the APA Insurance Trust on how HIPAA applies to psychological practice.

Radiology (Radiologists)

• HIPAA and the Radiology Practice from Decisions in Imaging Economics magazine
  

Small Groups/Satellite Offices

• Taking One for the Team
  Offers HIPAA how-to's for small groups and larger groups' satellite offices.
  

Team Physicians

• HIPAA and the Team Physician (PDF) from the American Orthopaedic Society for Sports Medicine, March/April 2003

Trustees

• Is Your Privacy Exposed? Why Trustees Should Get Smart on the HIPAA Privacy Regulations from HealthLeaders News, March 3, 2003
  
  
• 8 Things Trustees Should Know (Or Do) About HIPAA

Workers' Comp

• Privacy Implications of HIPAA on State Workers' Compensation Systems
  This white paper from the International Association of Industrial Accident Boards and Commissions addresses privacy and confidentiality in the handling of individually identifiable health information collected and used in connection with the adjudication, payment, and regulatory compliance of claims filed under state workers' compensation systems.

Go to TOP