HIPAA

Health Insurance Portability and Accountability Act

The HIPAA Act of 1996 was amended in August 2002 to provide a set of national standards for the protection of patient health information. A major goal is to assure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well being. The Rule strikes a balance that permits important uses of information, while protecting the privacy of people who seek care and healing. (Learn more about HIPAA at HIPAA.org.)

To implement the requirements of the amendment, the US Department of Health and Human Services issued the Privacy Rule. This rule addresses how “covered entities” use and disclose health information, as well as standards to help patients understand and control how their health information is used.

Pedersen Associates' Role: Business Associate

Pedersen Associates is not a "covered entity" under HIPAA’s Privacy Rule, so HIPAA rules do not apply directly to us, nor are we required to certify compliance.

Clients are generally deemed to be covered entities because they offer group health plans, so when we act as a consultant to a covered entity, Pedersen Associates may, at times, be considered a "business associate" of the covered entity because we use "individually identifiable health information" to provide consulting services to a group health plan. We’re absolutely committed to meeting the requirements of business associate agreements for our clients.

To learn more, call one of our experts at 414.847.2040 - or - download this Detailed Summary of the Privacy Act.