Health Insurance Portability and Accountability Act (HIPAA)
August 2022 IHS Privacy Training can be accessed on the Privacy Training site.
As passed by the United States Congress, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) will institute administrative reforms that will be phased in over the period 2000-2003. Of major importance in the HIPAA legislation is the issue of data and transaction standardization-a mandate very few healthcare providers can sidestep if they bill third parties for services provided to patients. The law also changes the way health care providers have to protect the privacy of a patient's health information and contains security procedures that must be followed to protect the integrity of a patient's health information.
The Health Insurance Portability and Accountability Act (HIPAA) is also known as the Kennedy-Kassebaum bill. It was first proposed with the simple objective to assure health insurance coverage after leaving a job. Congress added an Administrative Simplification section to the bill (see the Department of Health and Human Services Administrative Simplification Web site for more information).
The goal of the Administrative Simplification section of the bill was to save money. It was requested and supported by the health care industry because it standardized electronic transactions and required standard record formats, code sets, and identifiers.
The impact of Electronic Standardization, however, was that it increased risk to security and privacy of individually identifiable health information. After Congress did not provide legislation defining the privacy and security requirements of HIPAA, the Department of Health and Human Services (DHHS) was required to provide them.
There are currently four proposed or final rules from DHHS for HIPAA:
- Transaction and Code Set standards (Final)
- Privacy standard (Final)
- Security standard (Final)
- Identifier standards (Proposed)