The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes. The Security Rule specifies a series of administrative, physical, and technical safeguards for covered entities to use to assure the confidentiality, integrity, and availability of electronic protected health information.
"HIPAA" is an acronym for the Health Insurance Portability & Accountability Act of 1996 (August 21), Public Law 104-191, which amended the Internal Revenue Service Code of 1986. Also known as the Kennedy-Kassebaum Act, the Act includes a section, Title II, entitled Administrative Simplification, requiring:
- Improved efficiency in healthcare delivery by standardizing electronic data interchange, and
- Protection of confidentiality and security of health data through setting and enforcing standards.
More specifically, HIPAA called upon the Department of Health and Human Services (HHS) to publish new rules that will ensure:
- Standardization of electronic patient health, administrative and financial data
- Unique health identifiers for individuals, employers, health plans and health care providers
- Security standards protecting the confidentiality and integrity of "individually identifiable health information," past, present or future.
* The bottom line: sweeping changes in most healthcare transaction and administrative information systems.
Who is affected?
Virtually all healthcare organizations – including all healthcare providers, health plans, public health authorities, healthcare clearinghouses, and self-ensured employers – as well as life insurers, information systems vendors, various service organizations, and universities.
click here and you will directed to the U.S. Department of Health and Human Services.