In the past ten years, we’ve discovered how valuable personal data is. That realization came with a lot of changes and acts being signed into law. Some of those include HIPAA, FACTA, and GLBA, all reinforced or revisited by Congress in the last ten years. But what do these random arrangements of letters mean?
We’ve got your guide below.
HIPAA is an acronym for a privacy-related health care coverage act. It stands for Health Insurance Portability and Accountability Act and initially passed Congress in 1996.
It requires health clinics, hospitals, and medical insurance companies to be more discreet with client information. For example, under HIPAA, a doctor can’t discuss a case outside of work using any identifying details. These can be names, age, race, gender, and a long list of others that could compromise another person’s privacy.
It also grants patients the right to see their medical records at any time and to correct anything as needed.
Under HIPAA, the following information is protected:
- Your medical records
- Any conversations or notes between you and a doctor
- Your billing information
- The way your data is stored
HIPAA is the reason you fill out the same form every time you visit the doctor, even if you’ve just been there. That’s your avenue to make any record-related changes.
Another acronym, FACTA, stands for the Fair and Accurate Credit Transactions Act. It’s an add-on to the previously created Fair Credit Reporting Act. The government added FACTA to the FCRA in 2003, when we began to understand the depth of identity theft.
Under FACTA, consumers have access to:
- Free credit reports
- Increased fraud alerts
- Activity alerts
- Truncation requirements (no full card numbers on receipts)
- Victim information and help
- Collection agency reporting of identity theft
- Red flag alerts for creditors
- Proper disposal of consumer information
Yes, it’s FACTA’s fault that you sometimes have to sign in from two devices or answer a bank phone call confirming charges. As annoying as this can be, it’s keeping you safe and protecting your money.
As a business, FACTA means that you have to be more alert about company finances. If you run a background check on potential employees that includes a credit check, they have the right to see the results.
Your accountant is well versed in FACTA, so don’t feel shy about asking any questions.
The GLBA is less talked about than the above acts, but you’ve probably signed a few GLBA agreements recently. GLBA stands for the Gramm-Leach-Bliley Act, and it requires financial institutions to tell customers how they’ll use their data.
It builds nicely on the other two acts in this article. GLBA requires:
- Financial institutions to explain their data-sharing practices
- Institutions to inform customers of their right to opt out
- Institutions to code client information in a non-identifying way if it is shared with third parties
As a business, this means you’ll need to make sure you’re not sharing identities if you’re sharing information. You can’t tell a third party that the Millers have $20,000 in student debt, but you can give them a non-identifying category.
HIPAA, FACTA, and GLBA
Behind all of these seemingly complicated rules is the government trying to protect consumers’ rights to privacy. Whether you agree with the policies or not, that’s their intention.