Wednesday August 20, 2008 Only 82 days until Conference

My Account | Shopping Cart | Home | E-mail this Page

Contact ISPA
History of ISPA
Board of Directors
Chairmen's Circle
Volunteer Task Forces
Code of Ethics
Bylaws
Sustainability

Join Now
Membership Information
Benefits
Member Directory
Spa Calendar
Resource Partner Calendar

Annual Conference
Knowledge Networks
ISPA Pavilion at Beyond Beauty
Industry Calendar

Research & Business Tools
Certified Spa Supervisor Program
Resources
Community Forum
Retail Management for Spas Course

Search for a Spa
Spa 101
Spa Travel Agents
Healthy Living

Search Openings
Post Openings
Search Resumes
Post Resume

LiveSpa
Pulse

Press Releases
Resources
Events

About the Foundation
Education & Resources
Events
Focus on the Future
Mary Tabacchi Scholarship

About ISPA Membership Events Education & Resources Visit a Spa Job Bank Magazines Media Room ISPA Foundation

Research & Business Tools

Certified Spa Supervisor Program

Resources

Industry Stats

Skin Care Therapy Requirements

Consumer Trends

Code of Conduct

HIPAA

Cosmetology Boards

Spa Consultants

Massage Laws

10 Spa Domains

Community Forum

Retail Management for Spas Course

Search:

ISPA WWW

Hipaa

In April 2003, the US Department of Health and Human Services issued regulations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which may affect some ISPA members. Essentially, HIPAA's sweeping health information privacy rules are designed to ensure the protection and security of medical records and other personal health information and to protect an individual's right to privacy in matters involving their health care. Where an individual's health information is to be used or disclosed for specific purposes other than for treatment, payment or health care operations, a written authorization is required.

The HIPAA rules apply to all "Covered Entities," defined as health plans, health care clearinghouses and health care providers that transmit any health information in electronic form in connection with a list of specified transactions. ISPA members are not health plans or health clearinghouses. Importantly, however, they may be considered health care providers.

Because of the diversity of services provided by ISPA members, HIPAA's federal privacy requirements may not apply to every ISPA member. If your company does not furnish, bill or receive payment for health care in the normal course of business, then the HIPAA requirement does not affect you. For ease of determining whether your company should comply, follow the HIPAA Decision Tree below.

Finally, if you/your company are not covered health care providers under the federal HIPAA requirements, please also be sure to check your state privacy laws and regulations to review what is required. As well, it is most wise for your company to develop a statement of privacy or confidentiality in any event, irrespective of whether HIPAA affects its operations.

More information

HIPAA Memorandum (PDF) -explains, in general terms, key points regarding the application of HIPAA to ISPA members.
HIPAA Decision Tree & Definitions

INTERNATIONAL SPA ASSOCIATION_®

LEXINGTON, KENTUCKY
ispa@ispastaff.com
1.888.651.ISPA
fax: 1.859.226.4445

Site Map | Contact Us | Privacy Policy