Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 established national standards, known as the
HIPAA Privacy Rule to protect the privacy and security of health information, and the
HIPAA Security Rule to protect health information that is stored and transmitted electronically.
HIPAA Privacy Rule
The
HIPAA Privacy Rule was established to protect the privacy and confidentiality of health information. The Privacy Rule requires covered entities (e.g., health care providers, health plans, health care clearinghouses) to receive authorization from an individual before using or making disclosures to others about protected health information (PHI).
HIPAA requires covered entities to receive authorization from an individual before using or making disclosures to others about protected health information (PHI). Authorization is generally not required if disclosure of PHI is for purposes related to treatment, payment, or health care operations.
DHSS has created a HIPAA compliant authorization forms for use by DHSS agencies to ensure that any use or disclosure of PHI is completed in compliance with HIPAA.
HIPAA Privacy Rule Resources for Individuals
HIPAA Privacy Rule Resources for Health Care Professionals
HIPAA Security Rule
HIPAA also established national standards known as the
HIPAA Security Rule which adopted national coding standards and safeguards to protect health information that is stored or transferred in electronic form. The primary goal of the HIPAA Security Rule is to protect the privacy of individuals’ health information while allowing covered entities to adopt and use new technologies to improve the quality and efficiency of patient care.
HIPAA Security Rule Resources for Health Care Professionals