“Health Insurance Portability and Accountability Act”

The principle behind the act is simple; if you want people to be able to move from doctor to doctor as freely and simply as possible, their records need to be portable which, in today’s world means they also need to be digitized. And if they are going to be digitized, they need to be secured. That’s mostly what HIPAA aims to achieve – secure, portable health records.

Enacted in 1996, the Act regulates the use and disclosure of certain health-related information held by “covered entities,” which include health plans, health care clearinghouses (i.e. billing services) and health care providers. HIPAA requires, among other things, that covered entities notify individuals of the uses of their PHI, monitor disclosures of PHI, document privacy policies and procedures and appoint a privacy official and contact person to receive complaints regarding privacy breaches.

The HIPAA requirements were significantly expanded by HITECH.

« Back to Glossary Index