All employers who sponsor a health plan should understand their obligations under HIPAA. HIPAA and subsequent regulations, including the HITECH Act, protects employee health information as it relates to a group health plan. It creates compliance obligations for health plans that vary based on whether the plan is fully-insured or self-insured and how much protected health information an employer receives.
- Lay out the basic compliance requirements of HIPAA and HITECH
- Review key terms
- Discuss how HIPAA applies to health plans based on funding and the flow of information
- Present the difference between compliance for fully-insured and self-insured plans
- Discuss how HIPAA applies when plan sponsors self-administer plans such as an FSA or HRA
- Review the consequences of violating HIPAA / HITECH
- Discuss the new breach procedures and audits under the HITECH Act
- Describe best practices in HIPAA / HITECH compliance
Employers should walk away from this 90-minute session with an understanding of how HIPAA applies to their health plan and what they need to do in order to avoid costly breaches and penalty assessments.