Glossary Term

Health Insurance Portability and Accountability Act

Passed in 1996, the Health Insurance Portability and Accountability Act, more commonly known by its acronym HIPAA, is a federal law regulating various aspects of patient information privacy as well as the function of group health insurance plans.

Some of the more notable provisions of HIPAA are:

  • Security and privacy requirements to protect patient information from unauthorized disclosures
    • Privacy Rule requirements are found in HHS’ publication “Standards for Privacy of Individually Identifiable Health Information,” and Security Rule requirements are found in HHS’ “Security Standards for the Protection of Electronic Protected Health Information”
    • The Privacy Rule only applies to covered entities: health plans, health care clearinghouses, and health care providers (and their business associates) who electronically transmit patient information for an HHS covered transaction
  • Patients’ right to access their own personal health information
  • The need for patient consent before the release of that patient’s protected health information to a third party
  • Prohibition on health factors being used to determine group health plan eligibility or continued coverage
  • Prohibition within a group health plan on charging an individual more than similarly situated individuals based on a health factor
