HIPAA is the Health Insurance Portability and Accountability Act, passed by Congress in 1996. HIPAA data is the information covered under this act.

The act covers Protected Health Information (PHI) and electronic PHI (ePHI), which can only be viewed by healthcare professionals, authorized individuals, and, of course, the person the information belongs to.

Data that falls under HIPAA

  • Physical and mental health information from any time period.
    • Conversations, diagnosis, treatment, etc.
  • Provision of healthcare.
    • Information on doctors, nurses, and other healthcare providers.
  • Payments for the provision of healthcare from any time period that identifies the individual or is reasonably believed to identify an individual.
    • Billing and insurance information.
    • Some identifiers (PII) include name, address, birth date, and social security number.

Background Information

HIPAA was enacted to provide the ability to transfer and continue health insurance coverage in case of an employment change. Along with the portability of coverage came industry-wide standards for healthcare information, including the protection of health information (HIPAA data). Protecting health information is intended to reduce healthcare fraud and other abuse.

Conclusion

The Office for Civil Rights (OCR) enforces HIPAA's privacy and security rules. Its main goal is to educate communities about civil rights, health information privacy, and patient safety confidentiality laws [1]. But don't get too relaxed; the OCR can levy hefty fines on non-compliant entities.

What resources do you use to become HIPAA compliant?

Resources