1. Junli M. Awit, RN

2.  Enacted by President Bill Clinton in 1996  Title I of HIPAA protects health insurance coverage for workers and their families when they change or lose their jobs.  Title II of HIPAA known as the administrative simplification provisions requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans and employers.

3.  The privacy rule protects all “individually identifiable health information” - past, present or future physical or mental health or condition - the provision of health care to the individual - past, present or future payment for the provision of health care to the individual  The privacy rule calls this information “protected health information” (PHI)

4.  Administrative Safeguards  Policies and procedures designed to clearly show how the entity will comply with the act  Covered entities must adopt a written set of privacy procedures and designate a privacy officer.  A contingency plan should be in place for responding to emergencies (backing up data)

5.  Physical Safeguards  Controlling physical access to protect against access to protected data.  When equipment is retired, it must be disposed of properly to ensure that PHI is not compromised.  Access to hardware and software must be limited to properly authorized individuals.  Policies are required to address proper workstation use (monitor screens should not be in direct view to the public).  Agents must be fully trained on their physical access responsibilities.

6.  Technical Safeguards  Controlling access to computer systems and enabling covered entities to protect communications containing PHI transmitted electronically over open networks from being intercepted by anyone other than the intended recipient.  Information systems housing PHI must be protected from intrusion.  Each covered entity is responsible for ensuring that the data within its systems has not been changed or erased in an unauthorized manner.  Documented risk analysis and risk management programs are required.

7.  Is the HIPAA applicable to the Philippine health care setting?  Are Filipino health workers ready to use electronic health records (following HIPAA guidelines)?

8.  The HIPAA Law and Related Information. (2012) Retrieved May 3, 2013 from http://www.cms.gov/Regulations- and-Guidance/HIPAA-Administrative- Simplification/HIPAAGenInfo/index.html?redirect=/HIPAAGenInfo/  Health Insurance Portability and Accountability Act. Retrieved May 3, 2013 from http://en.wikipedia.org/wiki/Health_Insurance_Portability_and_Accountability_Act  Understanding HIPAA Policy: Summary of the HIPAA Privacy Rule. Retrieved May 3, 2013 from http://www.hhs.gov/ocr/privacy/hipaa/understanding/summary/index.html END