Share this article on:
What does HIPAA stand for? HIPAA is an acronym of the Health Insurance Portability and Accountability Act of 1996 – a legislative act that had the primary aim of improving portability and accountability of healthcare coverage for employees between jobs. HIPAA also helped to ensure employees with pre-existing health conditions were provided with health insurance coverage.
HIPAA also introduced standards that healthcare organizations were required to follow to reduce the paperwork burden and simplify the administration of health insurance. The HIPAA administrative simplification regulations streamlined billing, sending and receiving payments, and verifying eligibility. They also helped to ensure the smooth transition from paper to electronic health records and transitions.
Since 1996, there have been several major updates to HIPAA, notably the HIPAA Privacy Rule, the HIPAA Security Rule, the HIPAA Enforcement Rule, the inclusion of the Health Information Technology for Economic and Clinical Health (HITECH) Act requirements (The HIPAA Omnibus Final Rule), and the Breach Notification Rule.
Since these amendments have been made, HIPAA is now more commonly associated with protecting patient privacy and ensuring safeguards are implemented to ensure the confidentiality, integrity, and availability of electronic protected health information.
The HIPAA Privacy Rule details the allowable uses and disclosures of protected health information and gives patients the right to obtain copies of their health data.
The HIPAA Security Rule covers electronic protected health information, and the safeguards that must be implemented to keep the information secure and available at all times.
The HIPAA Enforcement Rule gave the Department of Health and Human Services’ Office for Civil Rights the power to enforce HIPAA Rules and issue financial penalties for noncompliance.
The Omnibus Rule introduced a swathe of changes to HIPAA Rules, incorporating the HITECH Act and making business associates of covered entities directly accountable for HIPAA violations.
The Breach Notification Rule requires covered entities to report all breaches of protected health information to the Office for Civil Rights and issue notifications to individuals affected by those breaches.
A more detailed explanation of HIPAA and important dates in the history of HIPAA legislation can be found on our HIPAA History page.