What is
HIPAA?
Why
is HIPAA important in deciding whether to
elect COBRA coverage?
What
employer plans are subject to HIPAA?
What are
the consequences for failing to comply with
HIPAA?
More about
HIPAA?
What
is HIPAA?
HIPAA is an acronym for the
Health
Insurance Portability & Accountability
Act of 1996 (August 21), Public Law 104-191,
which amends the Internal Revenue Service Code
of 1986. It is also known as the
Kassebaum-Kennedy Act.
It
is far-reaching legislation designed to improve
the portability of health coverage, to
standardize health care transactions, to impose
privacy and security requirements, and to make
other changes to the health care delivery
system. The laws governing HIPAA are detailed
and complex. Sometimes the rules are vague or
even contradictory. Getting them wrong can have
serious legal consequences.
Why is HIPAA
important in deciding whether to elect COBRA
coverage?
HIPAA is a federal law that
regulates employer group health plans and health
insurance companies. HIPAA is important to your
decision whether to elect COBRA coverage because
HIPAA may affect when other coverage is
available to you and the types of other coverage
available to you, including the extent to which
coverage can be restricted under a “preexisting
condition exclusion”.
What employer plans are subject to HIPAA?
HIPAA’s limits on preexisting
condition exclusions, special enrollment rights,
and restrictions on discrimination based on
health status apply to most but not all employer
group health plans. Generally HIPAA applies to
plans with two or more employees. In addition,
special exceptions apply to certain plans
maintained by State or local governments and
certain plans maintained by church
organizations. Further, the HIPAA rules
generally do not apply to coverage for certain
types of excepted benefits.
What are the consequences for failing to comply
with HIPAA?
Employers and insurers that do not comply with
HIPAA will face monetary penalties and lawsuits.
When enforcement action is taken against a plan,
the employer sponsoring the plan generally is
held responsible. HIPAA is jointly enforced by
the IRS, the Department of Labor (DOL), and the
Department of Health and Human Services (HHS).
ü
The
IRS may assess an excise tax penalty for a group
health plan’s failure to furnish certificates
and for other failures to comply with HIPAA’s
PCE, special enrollment, and nondiscrimination
requirements. The excise tax amount is $100 per
day of noncompliance for each individual to whom
the failure relates. The penalty is imposed on
the sponsoring employer.
ü
The
DOL is actively auditing plans for compliance
with HIPAA’s PCE, special enrollment, and
nondiscrimination requirements, and it may bring
a civil action against an employer or insurance
issuer to enforce these requirements.
ü
HHS
can impose civil penalties for violation of
HIPAA’s administrative simplification (including
privacy) provisions of up to $100 per violation,
with the total amount imposed on a person for
all violations of an identical requirement
during a calendar year not to exceed $25,000.
The maximum relates to each separate type of
violation, and compliance failures most likely
would involve numerous HIPAA provisions. HHS
also enforces the HIPAA requirements that apply
to insurance issuers.
ü
Criminal penalties may apply if a person
knowingly uses or discloses individually
identifiable health information in violation of
HIPAA.
In addition, plan participants and beneficiaries
may be able to bring private lawsuits to enforce
HIPAA’s PCE, special enrollment, and
nondiscrimination provisions. Anyone can file a
complaint with HHS if they believe that an
entity is not complying with HIPAA’s privacy or
security requirements.
More About HIPAA?
This section on About
HIPAA is limited to very basic information.
The HIPAA manual we use as a
reference is over 1300 pages long and it only
addresses about 80% of HIPAA situations and is
limited to a specific area of HIPAA practice.
For more detailed information or if you have a
question about more complex HIPAA issues contact
the
Compliance Officer
at The Compliance Office.
