What Does Health Insurance Portability and Accountability Act (HIPAA) Mean?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was enacted with the purpose of creating national standards for the protection of individual medical and health information and records. In addition, HIPAA set forth standards permitting insured individuals to transfer and continue their health coverage when changing jobs, as well as mandating that preexisting condition waiting periods would not be repeated at each new employer as long as no gap in coverage occurred. Through HIPAA, regulations and procedures were enacted to assure that personal health information (PHI) was handled securely. Prior to HIPAA’s enactment, no single set of standards governed the health care industry’s use and security of personal medical information.
WorkplaceTesting Explains Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act assigned to the Department of Health and Human Services (DHS) the task of preparing regulations providing for the security and patient control of personal medical information and health records. The subsequent regulations addressed two key issues.
First, the regulations defined protected health information. Federal regulation 45 CFR 160.103, the HIPAA Privacy Rule, defines protected information as health information created or received by health care providers or other health industry entities that relates in any way to the physical or mental health of an individual and identifies or could reasonably be used to identify an individual. The regulations also affirm that employees have the right to access and control their own medical records. If health-related records are de-identified so that they cannot be linked to a specific employee, then the requirements of privacy may no longer apply.
Second, the HIPAA Security Rule was crafted for the handling of electronic information. These Security Standards for the Protection of Electronic Protected Health Information set guidelines for the protection of individually identifiable health information stored or transferred in electronic form. The overall goals of HIPAA were to assure patient rights to privacy, offer guidance covered organizations and provide a national framework for medical records handling.