Compare & Buy Car, Bike and Health Insurance Online - InsuranceDekho
Track & Policy DownloadLogin
HomeHealth InsuranceNewsWhat Is The Health Insurance Portability And Accountability Act?

What Is The Health Insurance Portability And Accountability Act?

Table of Contents

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that requires the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge. The US Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to implement the requirements of HIPAA. The HIPAA Security Rule protects a subset of information covered by the Privacy Rule.

What Is The Health Insurance Portability And Accountability Act?

HIPAA Privacy Rule

The Privacy Rule standards address the use and disclosure of individuals’ health information (known as “protected health information”) by entities subject to the Privacy Rule. These individuals and organizations are called “covered entities.” The Privacy Rule also contains standards for individuals’ rights to understand and control how their health information is used. A major goal of the Privacy Rule is to ensure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public’s health and well-being. The Privacy Rule strikes a balance that permits important uses of information while protecting the privacy of people who seek care and healing.

Covered Entities

The following types of individuals and organizations are subject to the Privacy Rule and considered covered entities:

  • Healthcare providers: Every healthcare provider, regardless of size of practice, who electronically transmits health information in connection with certain transactions. These transactions include claims, benefit eligibility inquiries, referral authorization requests, and other transactions for which HHS has established standards under the HIPAA Transactions Rule.
  • Health plans: Entities that provide or pay the cost of medical care. Health plans include health, dental, vision, and prescription drug insurers; health maintenance organizations (HMOs); Medicare, Medicaid, Medicare+Choice, and Medicare supplement insurers; and long-term care insurers (excluding nursing home fixed-indemnity policies). Health plans also include employer-sponsored group health plans, government- and church-sponsored health plans, and multi-employer health plans.
  • Exception: A group health plan with fewer than 50 participants that is administered solely by the employer that established and maintains the plan is not a covered entity.
  • Healthcare clearinghouses: Entities that process nonstandard information they receive from another entity into a standard (i.e., standard format or data content), or vice versa. In most instances, healthcare clearinghouses will receive individually identifiable health information only when they are providing these processing services to a health plan or healthcare provider as a business associate.
  • Business associates: A person or organization (other than a member of a covered entity’s workforce) using or disclosing individually identifiable health information to perform or provide functions, activities, or services for a covered entity. These functions, activities, or services include claims processing, data analysis, utilization review, and billing.

HIPAA Security Rule

While the HIPAA Privacy Rule safeguards protected health information (PHI), the Security Rule protects a subset of information covered by the Privacy Rule. This subset is all individually identifiable health information a covered entity creates, receives, maintains, or transmits in electronic form. This information is called “electronic protected health information” (e-PHI). The Security Rule does not apply to PHI transmitted orally or in writing.

To comply with the HIPAA Security Rule, all covered entities must do the following:

  • Ensure the confidentiality, integrity, and availability of all electronic protected health information
  • Detect and safeguard against anticipated threats to the security of the information
  • Protect against anticipated impermissible uses or disclosures

Conclusion

Certify compliance by their workforce Covered entities should rely on professional ethics and best judgment when considering requests for these permissive uses and disclosures. The HHS Office for Civil Rights enforces HIPAA rules, and all complaints should be reported to that office. HIPAA violations may result in civil monetary or criminal penalties.

Also read: How To Check Manipal Cigna Health Insurance Policy Status

How To Cancel Star Health Insurance Policy

Show More

Disclaimer

This article is issued in the general public interest and meant for general information purposes only. Readers are advised not to rely on the contents of the article as conclusive in nature and should research further or consult an expert in this regard.
Must BuyMust Buy

Why to Buy Health Insurance Policy Online from InsuranceDekho

  • Tax benefit upto 75,000*
  • Claim support everyday 10AM-7PM
  • 80 Lacs+ happy customers

Health Insurance Terminologies

Find the right health insurance for you

Partner Health Insurance Companies

View All Health Insurance Companies

Disclaimer: InsuranceDekho does not endorse, rate or recommend any particular insurance company or insurance plan.

Health Insurance Glossary

      Latest Health Insurance News

    • News
      Surgeries covered under ICICI Lombard Health Insurance
    • News
      Health Insurance for COPD: Coverage, Plans, and Benefit...
    • News
      Niva Bupa VS Care Health Insurance: A Comprehensive Com...
    • News
      What is Better? ICICI Lombard or Star Health
    • News
      Cataract Surgery Coverage by Star Health Insurance - Pl...
      • View All Health Insurance News

      Insurance Calculators

        Become POSP Insurance Agent

          Find the right health insurance for you