What Is HIPAA?

HIPAA stands for the Health Insurance Portability and Accountability Act and is a U.S. federal law enacted in 1996 as an attempt at incremental healthcare reform. It was subsequently revised in 2009 with the ARRA/HITECH Act and again in 2013 with the Omnibus Rule.
HIPAA’s intent was to reform the healthcare industry by reducing costs, simplifying administrative processes and burdens, and improving the privacy and security of patients’ health information. Today HIPAA compliance mainly revolves around the last item: protecting the privacy and security of patients’ health information.
Modax offers a full range of HIPAA compliance products from training and certification for an individual to full HIPAA compliance for organizations. We specialize in helping individuals and small to midsize organizations get HIPAA compliant in the most affordable, fastest, and easiest way possible.


Who Needs To Comply With HIPAA?

Any organization or person who works in or with the healthcare industry or who has access to protected health information.

Business Associates

  • Medical billing & collection companies
  • Medical answering services
  • IT Service and hosting companies
  • Software companies
  • Marketing companies
  • Medical device companies
  • Pharmaceutical companies
  • Transcription companies
  • Medical interpreters
  • Any business that works in the healthcare industry

Employer Group Health Plans

  • HR Benefits Staff
  • Self Insured Employer Group Health Plans
  • Fully Insured Employer Group Health Plans

Health Insurance Companies

  • Health Insurance providers
  • Vision Insurance providers
  • Dental Insurance providers
  • Prescription Drug Insurance providers

Healthcare Providers

  • Hospitals
  • Medical offices
  • Dental offices
  • Mental and behavioral health professionals
  • Nursing homes
  • Urgent care centers
  • Pharmacies
  • Durable medical equipment providers
  • Medical and healthcare personnel

HIPAA Compliance For An Organization

HIPAA compliance for an organization revolves around protecting the privacy and security of Protected Health Information (PHI) that the organization has or will have access to. PHI is any information that can be connected to an individual’s health condition.

Organizations looking to comply with the HIPAA regulations first have to determine which regulations they have to comply with.

There are two distinct and separate regulations under HIPAA:

1. HIPAA Privacy

Safeguards for keeping protected health information safe from a people, administrative, and contractual standpoint

2. HIPAA Security

Safeguards for keeping protected health information specifically in electronic form (computers, networks, email, software, electronic transmissions, etc.) safe from disasters, hackers, and electronic theft.

*All organizations are required to comply with the HIPAA Privacy regulations, since Privacy involves safeguards from a people standpoint, but only those who store or transmit protected health information electronically are required to comply with the HIPAA Security regulations, which are meant to protect electronic data. Once you know which regulations you need to comply with, it is just a matter of knowing what you need to do to comply.

What Is Involved In Becoming HIPAA Compliant?

There are 3 parts to becoming HIPAA compliant.

  • Providing HIPAA Awareness Training to all employees of the organization who have access to PHI
  • Implementing formal documents and controls for the organization to protect and safeguard PHI
  • Training a compliance officer (someone in the organization who is going to take responsibility for HIPAA at your organization)

Why Choose Modax?

We are experts in HIPAA and our mission is to make HIPAA training and compliance fast, easy, and painless. We’ve done all the hard work so you don’t have to. We hope you’ll give us a try and in return we promise exceptional training and compliance products at an affordable price.