HIPAA FAQ


What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a law designed to safeguard sensitive consumer medical information. It gives patients more control over their health information, sets boundaries on how it is used, and holds those who have access to the information accountable for inappropriate use.


What rights do patients get because of HIPAA?


Who must comply with HIPAA laws?

Covered Entities:

Business associates:

Non-employees of a Covered Entity who have access to your health information when providing a service to the Covered Entity. Examples: billing companies, companies that administer health plans, lawyers, accountants, IT, companies that store and destroy medical records, etc.


Who does not need to follow HIPAA laws?


What kind of information is protected under HIPAA?


How does an organization get HIPAA certified?

To be HIPAA compliant, an organization must follow the rules outlined in 45 CFR 164.306, 308, 310, 312, 314. So long as these rules are followed, the organization is HIPAA compliant. While there are private companies that will provide HIPAA compliance certifications, these are not officially recognized by the Department of Health and Human Services. Organizations will often perform a self-evaluation to ensure they are compliant with HIPAA guidelines.


What has Metadot/Mojo Helpdesk done to be HIPAA compliant?

We have performed a self-evaluation to ensure that we are compliant with HIPAA guidelines, and we hold all of our business associates to the same standards.