What does HIPAA mean? HIPAA is an acronym of the Health Insurance Portability and Accountability Act, a legislative act that was signed into law in the United States by Bill Clinton on August 21, 1996.
Initially, HIPAA was introduced to reform the healthcare industry and had two main aims. The first was to ensure that when employees were between jobs, they would still be able to maintain healthcare coverage (the P in HIPAA: Portability). The second aim was to ensure the security and confidentiality of health information (the first A in HIPAA: Accountability).
HIPAA includes standards that were intended to simplify healthcare transactions, in particular, with respect to electronic data transmission. These included the use of specific code sets and identifiers.
Over the past two decades, HIPAA has been transformed and now includes many new rules that healthcare organizations must follow to ensure the privacy of patients is protected, sensitive data is kept secure at all times, and in the event of a data breach, affected individuals are notified.
Major revisions of HIPAA Rules took place in 2003 with the introduction of the HIPAA Privacy Rule and in 2006 with the introduction of the HIPAA Security Rule. The Privacy Rule included a number of provisions that limit the allowable uses and disclosures of ‘Protected Health Information’ or PHI. The Security Rule covers access to healthcare data and safeguards to prevent accidental or intentional disclosures of PHI to unauthorized individuals. The Security Rule also requires covered entities to permanently destroy PHI when it is no longer required.
Following the passing of the HITECH Act in 2009, the Breach Notification Rule was introduced, requiring notifications to be issued in the event of data breaches and extending HIPAA requirements to business associates. Additional HITECH requirements and other updates were introduced with the Omnibus Rule in 2013.
So, what does HIPAA mean for patients? HIPAA means patients’ personal information and health data are always protected, whether at rest or in transit. HIPAA means patients can obtain copies of their health data on request, and that they will be notified if their protected health information is accessed or obtained by unauthorized individuals.
For a more extensive history lesson on HIPAA, including details of important changes to the legislation over the past two decades, visit our HIPAA History page, which also features a useful infographic summarizing important changes to the legislation.