Skip to site content

Indian Health Service The Federal Health Program for American Indians and Alaska Natives

Health Insurance Portability and Accountability Act (HIPAA)

About HIPAA Regulations

The Health Insurance Portability and Accountability Act (HIPAA) was first proposed with the simple objective of ensuring health insurance coverage when an individual leaves or changes employers. Congress subsequently added an Administrative Simplification requirement to the bill.

The Administration Simplification section, which was requested and supported by the healthcare industry, was intended to decrease operating costs by standardizing electronic transactions, record formats, code sets, and identifiers. However, it also increases risks to the security and privacy of individually identifiable health information. Congress did not include legislation defining privacy and security requirements in the HIPAA legislation, therefore the Department of Health and Human Services (DHHS) was required to do so.

The three final rules from DHHS for HIPAA are:

  • Transaction and Code Set Standards (final)
  • Privacy Standards (final)
  • Security Standards (final)

HIPAA's Privacy Rule, which is the focus of Learn, Train & Protect, addresses public concern for healthcare privacy and the increased risks associated with new technologies. The national standards, boundaries and safeguards required by the privacy rule support a good relationship between healthcare providers and their patients, and holds violators accountable for their actions.

HIPAA provides patients with the right to

  • Release or limit release of their protected health information
  • Request corrections and/or amendments
  • Find out to whom and where their information has been released
  • File complaints if there are disputes

To learn more about the IHS HIPAA forms, policies and procedures, click here to view Learn, Train & Protect training program, or click here to view the forms, policies and procedures.

CPU: 31ms Clock: 0s