When the Health Insurance Portability and Accountability Act (HIPAA) was first published in 1996, it lacked several key elements that were necessary to secure the personal data of healthcare patients. This prompted lawmakers to introduce the Administrative Simplification Rule, which consisted of new provisions to strengthen HIPAA. To learn more about the Administrative Simplification Rule and how it affects healthcare providers and their patients, keep reading.
Goal of the Administrative Simplification Rule
According to the Department of Health and Human Service (HHS), Congress passed the Administrative Simplification Rule for the purpose of protecting the privacy and security of “certain” health information, and to promote efficiency in healthcare by the implementation of standardized electronic transactions.
Why the Administrative Simplification Rule was Created
Before HIPAA was created, the vast majority of doctors and healthcare providers stored patient data on paper files. In fact, if you visited a doctor's office in the early 1990s or earlier, you probably noticed large file cabinets in which paper files were stored. As technology began to expand, however, it paved the way for a new, more efficient means of storing data: electronically. Doctors can now store thousands upon thousands of patient records on hard drives, USB flash drives, or even the cloud. To ensure the privacy of healthcare patients, Congress was forced to introduce the Administrative Simplification Rule in HIPAA.
Administrative Simplification Rule Provisions
Among the many new provisions introduced in the Administrative Simplification Rule is the use of unique identifiers. The National Provider Identifier Standards assigns a unique identifier to each and every healthcare provider to use on all of its healthcare-related transactions. This has resulted in improved quality of service, as well as reduced costs for healthcare providers.
Of course, the most important provision of the Administrative Simplification Rule is the introduction of new security standards. Before the Administrative Simplification Rule had been created, there really wasn't a need for doctors and other covered entities to protect their patients' electronic data from prying eyes. As more and more healthcare providers switched from paper files to digital files, however, the need for enhanced security became apparent.
The HIPAA Security Rule now lays out clear instructions that healthcare providers and covered entities must follow to protect their patients' data from unauthorized use. This include the implementation of technique, physical and administrative safeguards, as well regular internal system audits.