Share this article on:
The Health Insurance Portability and Accountability Act – or HIPAA as it is better known – is an important legislative Act affecting the U.S. healthcare industry, but what is the purpose of HIPAA? Healthcare professionals often complain about the restrictions of HIPAA – Are the benefits of the legislation worth the extra workload?
What is the Purpose of HIPAA?
HIPAA was first introduced in 1996. In its earliest form, the legislation helped to ensure that employees would continue to receive health insurance coverage when they were between jobs. The legislation also required healthcare organizations to implement controls to secure patient data to prevent healthcare fraud, although it took several years for the rules for doing so to be penned.
HIPAA also introduced several new standards that were intended to improve efficiency in the healthcare industry, requiring healthcare organizations to adopt the standards to reduce the paperwork burden. Code sets had to be used along with patient identifiers, which helped pave the way for the efficient transfer of healthcare data between healthcare organizations and insurers, streamlining eligibility checks, billing, payments, and other healthcare operations.
HIPAA also prohibits the tax-deduction of interest on life insurance loans, enforces group health insurance requirements, and standardizes the amount that may be saved in a pre-tax medical savings account.
HIPAA is a comprehensive legislative act incorporating the requirements of several other legislative acts, including the Public Health Service Act, Employee Retirement Income Security Act, and more recently, the Health Information Technology for Economic and Clinical Health (HITECH) Act.
Health Data Privacy and Security
HIPAA is now best known for protecting the privacy of patients and ensuring patient data is appropriately secured, with those requirements added by the HIPAA Privacy Rule of 2000 and the HIPAA Security Rule of 2003. The requirement for notifying individuals of a breach of their health information was introduced in the Breach Notification Rule in 2009.
The purpose of the HIPAA Privacy Rule was to introduce restrictions on the allowable uses and disclosures of protected health information, stipulating when, with whom, and under what circumstances, health information could be shared. Another important purpose of the HIPAA Privacy Rule was to give patients access to their health data on request. The purpose of the HIPAA Security Rule is mainly to ensure electronic health data is appropriately secured, access to electronic health data is controlled, and an auditable trail of PHI activity is maintained.
So, in summary, what is the purpose of HIPAA? To improve efficiency in the healthcare industry, to improve the portability of health insurance, to protect the privacy of patients and health plan members, and to ensure health information is kept secure and patients are notified of breaches of their health data.