Resources - HIPAA Rules

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996. This is the Act that governs the way healthcare information is handled today.

HIPAA at a glance

Patients' right of access to healthcare information. This stipulates that all patients have access to their healthcare information through a healthcare provider and healthcare clearing house at a reasonable charge. Reasonable charge is defined as the operating cost to duplicate a record.

Rules for information exchange in the areas of accounting, patient information and insurance information of patients. Governs the information that can be exchanged about a patient between healthcare entities, and defines standards for times when patient approval for exchanging medical information is needed versus not needed. In summary, patient approval is always needed unless all patient specific information is removed from the document.

Security and privacy of your records in a physical environment. Governs rules, regulations, checks, and balances that healthcare providers, insurance entities, and healthcare clearing houses must have in place to maintain a safe environment for patients' medical information. These include processes such as facility access, facility security plan, workstation use and security, and structural and grounds maintenance records.

Security and privacy of your records in a digital environment. Governs rules, regulations, technical specifications and security that healthcare providers and healthcare clearing houses must have in placeto maintain a safe and secure digital environment for a patient's medical information. These safeguards include access control such as unique identifiers, audit controls on hardware and software, and transmission security.

Setting benchmark dates for lawmakers and healthcare providers. HIPAA set compliance dates in which lawmakers must have defined industry standards such as standardized medical records, digital regulations, and security regulations. HIPAA also set benchmark dates for healthcare providers to be compliant with new rules set by lawmakers.