What does the abbreviation HIPAA represent? HIPAA is an acronym of the Health Insurance Portability and Accountability Act of 1996 – a piece of legislation act that had the chief aim of enhancing portability and accountability of healthcare coverage for employees between companies and roles. HIPAA also helped to make sure employees with pre-existing health conditions were supplied with health insurance coverage.
HIPAA also brought in standards that healthcare groups were required to follow to reduce the paperwork burden and make the administration of health insurance easier. The HIPAA administrative simplification regulations streamlined billing, sending and receiving payments, and verifying eligibility. They also served to ensure the smooth transition from paper to electronic health records and transitions.
From 1996, there have been several major updates to HIPAA, notably the HIPAA Privacy Rule, the HIPAA Security Rule, the HIPAA Enforcement Rule, the addition of the Health Information Technology for Economic and Clinical Health (HITECH) Act requirements (The HIPAA Omnibus Final Rule), and the Breach Notification Rule.
Since these changes have been made, HIPAA is now more often associated with protecting patient privacy and ensuring safeguards are put in place to ensure the confidentiality, integrity, and availability of electronic protected health information.
- The HIPAA Privacy Rule lists the allowable uses and disclosures of protected health information and gives patients the right to download copies of their health data.
- The HIPAA Security Rule includes electronic protected health information, and the security measure that must be put in place to keep the information secure and available at all times.
- The HIPAA Enforcement Rule gave the Department of Health and Human Services’ Office for Civil Rights (OCR) the authority to enforce HIPAA Rules and issue financial penalties for noncompliance.
- The Omnibus Rule brought in a range of changes to HIPAA Rules, incorporating the HITECH Act and making business associates of covered groups directly accountable for HIPAA violations.
- The Breach Notification Rule requires covered groups to report all breaches of protected health information to the Office for Civil Rights and issue notifications to individuals impacted by those violations.