Health Insurance Portability and Accountability Act (HIPAA) Requirements
What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) enacts sweeping changes in how the healthcare professions handle the administrative details of their practices, and contains a broad and stringent framework for the privacy and confidentiality of personally identifiable health information. This Federal statute was enacted as Public Law 104-191. Further information regarding this act can be found at the Department of Health and Human Services (HHS) website.
What issues are addressed by HIPAA?
The Administrative Simplification provisions of HIPAA (Title II of the Act) require HHS to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. Covered entities must comply with the technical standards and data sets adopted by HHS. HIPAA also addresses the security and privacy of health data, and establishes stringent procedures that covered persons and entities must follow in obtaining and disclosing personally identifiable health information.
Where can I find more information about HIPAA?
Licensing boards do not administer the provisions of HIPAA. Therefore, board staff are not expert in providing guidance to licensees with regard to HIPAA compliance. Licensees with questions regarding HIPAA should seek answers through the following resources:
- HHS's website provides a great deal of information, including frequently asked questions.
- Another good source of information is the HIPAA website maintained by the HHS Centers for Medicare and Medicaid Services.
- HHS's Office of Civil Rights (OCR) implements the HIPAA privacy regulations. Guidance about the privacy requirements may be found on OCR's website at www.hhs.gov/ocr/hipaa.