What Is the Health Insurance Portability and Accountability Act (HIPAA)?
In 1996, Congress passed the Health Insurance Portability and Accountability Act (HIPAA) to address multiple health care issues including administrative simplification. The Administrative Simplification provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA, Title II) require the Department of Health and Human Services to establish national standards for electronic health care transactions and national identifiers for providers, health plans, and employers. It also addresses the security and privacy of health data. Adopting these standards will improve the efficiency and effectiveness of the nation's health care system by encouraging the widespread use of electronic data interchange in health care.
The administrative simplification provisions of HIPAA include requirements in two key areas.
Privacy
The privacy provisions of the federal law, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), apply to health information created or maintained by health care providers who engage in certain electronic transactions, health plans, and health care clearinghouses. The Department of Health and Human Services (HHS) has issued the regulation, "Standards for Privacy of Individually Identifiable Health Information," applicable to entities covered by HIPAA. The Office for Civil Rights (OCR) is the Departmental component responsible for implementing and enforcing the privacy regulation.
Security
The Security standard specifies a series of administrative, technical, and physical security procedures for covered entities to use to assure the confidentiality of electronic protected health information. The standards are delineated into either required or addressable implementation specifications
HIPAA Resources
HIPAA Educational Materials
Download 10 papers covering a number of issues related to HIPAA on CMS's web site.
Transaction & Code Set Materials
Use the HIPAA Readiness Checklist to get started moving toward compliance with the Electronic Transactions and Code Set Requirements.
Understanding HITECH
Changes the HIPAA HITECH amendments make to the original HIPAA requirements relate to business associates; civil monetary penalties; security breach notification requirements; marketing, fundraising and the sale of protected health information; electronic health record disclosures; disclosures prohibited by individuals; and minimum necessary uses and disclosures.
ASCA's HIPAA Workbooks
These interactive tools contain sample forms, policies and guidance designed specifically to assist ASCs in complying with the HIPAA privacy and security rules. Include CD with model forms and policies.
HIPAA Information Series for Providers
HIPAA Information Series for Providers, consisting of 10 papers, covers a number of important issues.
Provider HIPAA Readiness Checklist
Use the Provider HIPAA Readiness Checklist to get started moving toward compliance with the Electronic Transactions and Code Set Requirements.