One of the important areas of law and ethics in business relates to privacy righ
ID: 348898 • Letter: O
Question
One of the important areas of law and ethics in business relates to privacy rights. Several laws have been passed that direct businesses to respect privacy. In this thread, let's consider how HIPAA, GLB, and COPPA laws can help ensure people's privacy. What is their ethical justification? Is there gray area in these laws? How do some businesses try to find their way around these laws?One of the important areas of law and ethics in business relates to privacy rights. Several laws have been passed that direct businesses to respect privacy. In this thread, let's consider how HIPAA, GLB, and COPPA laws can help ensure people's privacy. What is their ethical justification? Is there gray area in these laws? How do some businesses try to find their way around these laws?
One of the important areas of law and ethics in business relates to privacy rights. Several laws have been passed that direct businesses to respect privacy. In this thread, let's consider how HIPAA, GLB, and COPPA laws can help ensure people's privacy. What is their ethical justification? Is there gray area in these laws? How do some businesses try to find their way around these laws?
Explanation / Answer
1. HIPAA (Health Insurance Portability and Accountability Act of 1996) is United States legislation that provides data privacy and security provisions for safeguarding medical information. The law has emerged into greater prominence in recent years with the proliferation of health data breaches caused by cyberattacks and ransomware attacks on health insurers and providers. The act, which was signed into law by President Bill Clinton on Aug. 21, 1996, contains five sections, or titles.
Purpose of HIPAA : HIPAA, also known as Public Law 104-191, has two main purposes: to provide continuous health insurance coverage for workers who lose or change their job, and to reduce the administrative burdens and cost of healthcare by standardizing the electronic transmission of administrative and financial transactions. Other goals include combating abuse, fraud and waste in health insurance and healthcare delivery and improving access to long-term care services and health insurance.
HHS expanded the act when it put the HIPAA omnibus rule in place in 2013 to implement modifications to HIPAA in accordance with guidelines set in 2009 by the Health Information Technology for Economic and Clinical Health (HITECH) Act. These guidelines concern the responsibilities of business associates of covered entities. The omnibus rule also increased penalties for HIPAA compliance violations to a maximum of $1.5 million per incident.
HIPAA Privacy Rule: The Standards for Privacy of Individually Identifiable Health Information, commonly known as the HIPAA Privacy Rule, establishes the first national standards in the United States to protect patients' personal or protected health information (PHI). HHS issued the rule to limit the use and disclosure of sensitive PHI. It seeks to protect the privacy of patients by requiring doctors to provide patients with an account of each entity to which the doctor discloses PHI for billing and administrative purposes, while still allowing relevant health information to flow through the proper channels. The privacy rule also guarantees patients the right to receive their own PHI, upon request, from healthcare providers covered by HIPAA.
Following are covered by and must follow HIPAA: The HIPAA Privacy Rule applies to organizations that are considered HIPAA-covered entities, including health plans, healthcare clearinghouses and healthcare providers. In addition, the HIPAA Privacy Rule requires covered entities that work with a HIPAA business associate to produce a contract that imposes specific safeguards on the PHI that the business associate uses or discloses.
Following information is protected: The HIPAA Privacy Rule protects all individually identifiable health information that is held or transmitted by a covered entity or a business associate. This information can be held in any form, including digital, paper or oral. This individually identifiable health information is also known as PHI under the Privacy Rule.
2. GLB Act or GLBA (The Gramm-Leach-Bliley Act) , also known as the Financial Modernization Act of 1999, is a federal law enacted in the United States to control the ways that financial institutions deal with the private information of individuals.
It consists of three sections:
The Act also requires financial institutions to give customers written privacy notices that explain their information-sharing practices.
3. COPPA (The Children's Online Privacy Protection Act) is a law created to protect the privacy of children under 13. The Act was passed by the U.S. Congress in 1998 and took effect in April 2000. COPPA is managed by the Federal Trade Commission (FTC). COPPA was passed to address the rapid growth of online marketing techniques in the 1990s that were targeting children. Various Web sites were collecting personal data from children without parental knowledge or consent.
The Act specifies:
That sites must require parental consent for the collection or use of any personal information of young Web site users.
COPPA requires that site operators allow parents to review any information collected from their children. In practice, this means that any relevant site has to provide full access to all user records, profiles and log-in information when a parent requests it. The FTC has stipulated that parents may delete certain information but may not otherwise alter it. Any Web site that collects information from children under the age of 13 has to abide by COPPA. The Act affects many popular sites like MySpace.com, Facebook.com, Friendster.com, Xanga.com and other social networking sites
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.