What is HIPAA? Health Insurance Portability and Accountability Act

Description

The Health Insurance Portability and Accountability Act of 1996 is a United States Act of Congress enacted by the 104th United States Congress and signed into law by President Bill Clinton on August 21, 1996.  The HIPAA act required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s knowledge or consent.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The US Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to implement the requirements of HIPAA. The HIPAA Security Rule protects a subset of information covered by the Privacy Rule.

HIPAA Privacy Rule

The Privacy Rule standards address the use and disclosure of individuals’ health information (known as protected health information or PHI) by entities subject to the Privacy Rule. These individuals and organizations are called “covered entities.”

The Privacy Rule also contains standards for individuals’ rights to understand and control how their health information is used. A major goal of the Privacy Rule is to make sure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high-quality healthcare, and to protect the public’s health and well-being. The Privacy Rule permits important uses of information while protecting the privacy of people who seek care and healing.

Covered Entities

The following types of individuals and organizations are subject to the Privacy Rule and considered covered entities:

  • Healthcare providers: Every healthcare provider, regardless of size of practice, who electronically transmits health information in connection with certain transactions. These transactions include:
  • Claims
  • Benefit eligibility inquiries
  • Referral authorization requests
  • Other transactions for which HHS has established standards under the HIPAA Transactions Rule.
  • Health plans:
    Health plans include:
  • Health, dental, vision, and prescription drug insurers
  • Health maintenance organizations (HMOs)
  • Medicare, Medicaid, Medicare+Choice, and Medicare supplement insurers
  • Long-term care insurers (excluding nursing home fixed-indemnity policies)
  • Employer-sponsored group health plans
  • Government- and church-sponsored health plans
  • Multi-employer health plans

Exception: A group health plan with fewer than 50 participants that is administered solely by the employer that established and maintains the plan is not a covered entity.

  • Healthcare clearinghouses: Entities that process nonstandard information they receive from another entity into a standard (i.e., standard format or data content), or vice versa. In most instances, healthcare clearinghouses will receive individually identifiable health information only when they are providing these processing services to a health plan or healthcare provider as a business associate.
  • Business associates: A person or organization (other than a member of a covered entity’s workforce) using or disclosing individually identifiable health information to perform or provide functions, activities, or services for a covered entity.These functions, activities, or services include:
  • Claims processing
  • Data analysis
  • Utilization review
  • Billing
Related Posts
Alphabet Soup of Cloud Terminology
abc

As with any technology, the cloud brings its own alphabet soup of terms.  This article will hopefully help you navigate Read more

PII Explained
PII

Personal Identifiable Information (PII) is defined as: Any representation of information that permits the identity of an individual to whom Read more

Can-Spam Explained
CAN-SPAM

CAN-SPAM Act: A Complete Compliance Guide for Businesses Are you utilizing email for your business? The CAN-SPAM Act, legislation governing Read more

Business Analysis and Project Management Acronyms
Salesforce analytics insurance

Here is a helpful glossary of terms you may encounter when discussing business analysis and project management. AcronymMeaningDefinitionBPMNBusiness Process Management Read more