HIPAA Resources

The Administrative Simplification provisions of HIPAA require the Secretary of the federal Department of Health and Human Services (DHHS) to issue regulations and adopt standards to implement the law. The federal HIPAA regulations issued by the DHHS include: Electronic Transactions and Code Sets, Privacy, Security and National Provider Identification.

The Internet offers many solutions and resources to consult when trying to conform to HIPAA's rules and regulations. This page is designed to provide you with access to helpful web sites, and to offer other solutions and resources that may be of particular interest.

Training: 

• HIPAA Computer-based training for Business Associates

Privacy:

• For more information on the Privacy Rule visit the DHHS Office for Civil Rights.
• E-mail questions about Privacy Standards to: ocrprivacy@os.dhhs.gov
  Telephone: (866) 627-7748
• Privacy Rule (HHS): http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/index.html
• HIPAA Privacy Rule & Public Health (CDC): http://www.cdc.gov/mmwr/pdf/other/m2e411.pdf

Privacy - HITECH

• HHS issues guidance regarding methods for de-identification of protected health information in accordance with the HIPAA privacy rule
• HHS issues proposed rule on HIPAA Privacy Rule Accounting of Disclosures under the Health Information Technology for Economic and Clinical Health Act (HITECH)
• HHS issues Notice of Proposed Rulemaking to Implement HITECH Act Modifications to the HIPAA Rules (July 8, 2010)
• What's New in Privacy (HHS) (right hand side of page) http://www.hhs.gov/ocr/privacy/index.html
• HITECH Privacy regulation (begins on page 144): http://frwebgate.access.gpo.gov/cgi-bin/getdoc.cgi?dbname=111_cong_bills&docid=f:h1enr.txt.pdf
• Breach Notification for Unsecured Protected Health Information - Interim Final Rule (August 24, 2009) http://edocket.access.gpo.gov/2009/pdf/E9-20169.pdf
• HITECH Act Enforcement Initerim Final Rule (October 29, 2009) http://www.hhs.gov/ocr/privacy/hipaa/administrative/enforcementrule/hitechenforcementifr.html 
• Timeline of HIPAA Changes

Security:

The final rule adopting HIPAA standards for the security of electronic health information was published in the Federal Register on February 20, 2003. To view security information and procedures covered entities must use to assure the confidentiality of electronic protected health information visit:

• Privacy and Security Standards - http://www.hhs.gov/ocr/privacy/hipaa/administrative/index.html
• Security Rule http://www.hhs.gov/ocr/privacy/hipaa/understanding/srsummary.html 
• HIPAA Administrative Simplification Statute & Rules - http://www.hhs.gov/ocr/privacy/hipaa/administrative/index.html
• NIST Security Resource - http://csrc.nist.gov/

State Confidentiality Law Links:

Mental Health/AODA/DD 

• Wisconsin Statute 51.30 - State Alcohol, Drug Abuse, Developmental Disabilities and Mental Health Act
  http://www.legis.state.wi.us/statutes/Stat0051.pdf
• DHS 92 Adm. Code - Confidentiality of treatment records 
  http://www.legis.state.wi.us/rsb/code/dhs/dhs092.pdf
• DHS 94 Adm. Code - Patients Rights & Resolutions of Grievances 
  http://www.legis.state.wi.us/rsb/code/dhs/dhs094.pdf

Medicaid 

• Wis. Statute 49.475 - Information about Medicaid Assistance beneficiaries 
  http://www.legis.state.wi.us/statutes/Stat0049.pdf
• DHS 108 - General Medicaid Administration 
  http://www.legis.state.wi.us/rsb/code/dhs/dhs108.pdf

Provider

• Wisconsin Statute 146.81-84 - Miscellaneous Health Provisions (health care records)
  http://www.legis.state.wi.us/statutes/Stat0146.pdf
• Wisconsin Statute 252.15 - Commuicable Diseases - Restrictions on Use of HIV Tests
  http://www.legis.state.wi.us/statutes/Stat0252.pdf

Long-Term Care (Family Care)

• Wisconsin Statute 46 - Long-term Care (Confidentiality - Exchange of Information)
  http://www.legis.state.wi.us/statutes/Stat0046.pdf
• DHS 10 Adm. Code - Confidentiality and Exchange of Information (Family Care) 
  • DHS 10.23(7) ADRCs 
  • DHS 10.45(5) 
    • CMOS http://www.legis.state.wi.us/rsb/code/dhs/dhs010.pdf

Other

• HIPAA COW (HIPAA Collaborative of Wisconsin)
  http://www.hipaacow.org/home/home.aspx
• Wisconsin Office of Privacy Protection
  http://privacy.wi.gov/
• FTC Privacy Initiatives
  http://www.ftc.gov/privacy/index.html

Last updated:  December 21, 2012