The US Government’s Health Insurance Portability & Accountability Act (HIPAA) of 1996 was enacted to protect the medical records and the privacy of individuals.
The Standards for Privacy of Individually Identifiable Health Information (the Privacy Rule)
The law requires covered entities and their business associates to abide by the HIPAA Privacy Rule to protect all “individually identifiable health information” that they manage, hold, or transmit. Most often, HIPAA is thought of solely in relation to electronic storage and transmission of this Protected Health Information, but it covers any form of media. Over the past few years, you may have noticed signs at the checkout desk at your doctor’s office telling you to stand at a certain spot until called. The purpose of the sign is to protect the information that is being verbally shared by the clerk and the patient who is checking out.
The Security Standards for the Protection of Electronic Protected Health Information (the Security Rule)
The HIPAA Security Rule establishes national standards to protect individuals’ electronic personal health information that is created, received, used, or maintained by a covered entity.[1] The Security Rule defines the technical guidelines to ensure that electronic Protected Health Information (e-PHI) is protected by the covered entities.
- Health Plans – Health Insurance Companies
- Health Care Providers
- Health Care Clearinghouses
- Business Associates of the Covered Entities
Visit the U.S. Government Health and Human Services website to read more about the HIPAA Security Rule and the HIPAA Privacy Rule.

[1] http://www.hhs.gov/hipaa/for-professionals/security/index.html