The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that imposes portability, nondiscrimination, and certain other requirements on employer-sponsored health plans. There are also regulations covering how employers must protect employees’ medical privacy rights as well as the electronic disclosure of employees’ medical information.
HIPAA also requires you to cover employees’ and their dependents’ preexisting health conditions under certain circumstances, as well as to protect the privacy of health information.
HIPAA privacy regulations
The Act’s regulations prescribe the permitted uses and disclosures of individually identifiable health information by certain entities, including employers that have access to employee health information. In addition, the Americans with Disabilities Act (ADA) requires employers to keep confidential medical information in a file separate from all other employment or personnel files.
HIPAA nondiscrimination rules
The Act prohibits discrimination in group health plans in two areas: (1) eligibility to enroll in the plan and (2) premium rates. In general, HIPAA prohibits a plan from establishing eligibility rules or imposing a higher premium rate than the premium for similarly situated individuals based on a “health status-related” factor.
Such factors include health status, medical condition, claims experience, receipt of health care, medical history, genetic information, evidence of insurability (including conditions arising out of acts of domestic violence), and disability.
Related articles on HIPAA from the State Employment Law Letters designates additional valuable resources available exclusively to Employment Law Letter subscribers