Why is there HIPAA


The Health Insurance Portability and Accountability Act (HIPAA) from 1996 is a US-American body of law designed to make it easier for employees in the United States to maintain their health insurance coverage if they lose or change their job. In addition, the legislature is implementing the intention of promoting the acceptance of electronic health data in order to improve the efficiency and quality of the US health system through better data exchange.

With the increasing use of electronic medical records, HIPAA enforces regulations to protect the privacy of health care information (PHI). PHI encompasses a wide range of personal health data from insurance and billing data to diagnostic data, clinical care information, and laboratory results such as images and test results. The HIPAA rules affect statutory entities such as hospitals, medical service providers, employer-sponsored health plans, research institutions, and insurance companies that communicate directly with patients and process patient data. The HIPAA Health Data Protection Regulation (PHI) also applies to business partners.

The HIPAA rules were adopted in 2009 by the Health Information Technology for Economic and Clinical Health Act(HITECH) added. HIPAA and HITECH jointly define a number of state-level standards that are used to protect health data. These provisions are contained in the so-called rules for “administrative simplification”. HIPAA and HITECH set requirements with regard to the use and disclosure of PHI, take appropriate security precautions to protect the PHI, individual rights and administrative responsibilities.

For more information on the protection of health data by HIPAA and HITECH, please visit the website Health Information Privacy of the US Department of Health.