What is HIPAA?
HIPAA, the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191, was designed to improve the efficiency and effectiveness of the health care system. It included “Administrative Simplification” provisions that required the U.S. Department of Health and Human Services (HHS) to adopt national standards for electronic health care transactions. At the same time, Congress recognized that advances in electronic technology could erode the privacy of health information. Consequently, Congress incorporated into HIPAA provisions that mandated the adoption of federal privacy protections for individually identifiable health information.
What is the Impact of HIPAA’s Privacy Rule?
Health care providers have a strong tradition of safeguarding private health information (PHI). In today’s world, however, with information broadly held and transmitted electronically, the Privacy Rule provides clear standards for the protection of PHI.
The Rule requires certain activities to ensure this confidentiality. They include:
- Notifying patients about their privacy rights and how their information can be used.
- Adopting and implementing privacy procedures for its practice.
- Training employees so that they understand the privacy procedures.
- Designating an individual to be responsible for seeing that the privacy procedures are adopted and followed.
- Securing patient records containing individually identifiable health information so that they are not readily available to those who do not need them.