FOR IMMEDIATE RELEASE

DEPARTMENT DMH/MR CERTIFIED FOR CONFORMITY TO HIPAA PRIVACY STANDARDS

June 13, 2003
Contact: Dr. John C. Ziegler, Public Information Office
Phone: (334) 242-3417
Montgomery---The Alabama DMH/MR recently received a certificate of compliance with HIPAA privacy regulations from EMR Legal, Inc., a national consulting firm based in Overland, Kansas. The department began working on HIPAA requirements in early calendar 2001 with the appointment of a broad-based HIPAA committee. By mid-2002, it was determined that an outside consultant with experience, knowledge, and expertise with HIPAA, health law, and related areas was required to assist the department in meeting the privacy deadline of April 14, 2003. DMH/MR officials made a thorough review of existing policies and procedures to ensure compliance with the privacy requirements. This included performing gap analyses, risk analyses, and assessment of existing policies and procedures. Following their analysis, officials developed a plan to meet the April 14, 2003 privacy deadline. With assistance from the outside consultant, EMR Legal, Inc., the department implemented the plan and met the April 14, 2003 privacy requirements.

HIPAA HISTORY

The Health Insurance Portability and Accountability Act (HIPAA) was signed into law in 1996, primarily to enable employees and their families to maintain their health care benefits when changing employers or to continue coverage in case of a major event (e.g., job loss, sickness). HIPAA affects the entire health care and treatment industry and has broad implications for the Department of Mental Health and Mental Retardation and other agencies that provide medical-type care.

Embedded within the Portability Act are several “administrative simplification” requirements. The U.S. Department of Health and Human Services (DHHS) has responsibility for these provisions. Compliance with these regulations will be enforced by the Justice Department’s Office of Civil Rights.

BASIC REQUIREMENTS

HIPAA regulations impact all entities in the health care industry that perform basic functions such as treatment and care, claims processing, enrollment, billing, payment, coordination of benefits, etc. Briefly, the regulations require that each such entity:

1. Maintain reasonable and appropriate administrative, technical, and physical safeguards to ensure the integrity and confidentiality of health care and treatment information;

2. Protect against reasonably foreseeable threats or hazards to the security and integrity of the information; and

3. Protect against unauthorized uses or disclosures of the information.

There are three HIPAA compliance deadlines:

1. Privacy, by April 14, 2003;

2. Electronic transactions, October 2003; and

3. Security, by April 2005.