General Info & Requirements

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) enacts sweeping changes in how the healthcare professions handle the administrative details of their practices, and contains a broad and stringent framework, for the privacy and confidentiality of personally identifiable health information. This Federal statute was enacted as Public Law 104-191. Further information regarding this act can be found at the Department of Health and Human Services (HHS) website.

The Administrative Simplification provisions of HIPAA (Title II of the Act) require HHS to establish national standards for electronic health care transactions, and national identifiers for providers, health plans, and employers. Covered entities must comply with the technical standards and data sets adopted by HHS. HIPAA also addresses the security and privacy of health data, and establishes stringent procedures, which covered persons and entities must follow, in obtaining and disclosing personally identifiable health information.

Licensing boards do not administer the provisions of HIPAA. Therefore, the Board cannot licensees with guidance, regarding HIPAA compliance. Licensees with HIPAA questions should seek answers through the following resources:

• HHS's website provides a great deal of information, including frequently asked questions.
• Another good source of information is the HIPAA website maintained by the HHS Centers for Medicare and Medicaid Services.
• HHS's Office of Civil Rights (OCR) implements the HIPAA privacy regulations. Guidance about the privacy requirements may be found on OCR's website at www.hhs.gov/ocr/hipaa.