Security Encyclopedia

Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a comprehensive federal regulation that governs healthcare data mobility, handling, and other aspects of patient records.

Among the Act’s five Titles that oversee various parts of the healthcare landscape are Title II, its Administrative Simplification Act (AS, or ASA). The ASA spells out how patient records can be handled by healthcare providers and healthcare insurers to enhance privacy and provide patients with informed consent over how their records are shared. It also establishes baseline national standards for electronic patient records and how they may be used.

In addition to HIPAA’s portability and simplification pillars, the regulation also includes a provision that aims to address the integrity of publicly-funded healthcare for the uninsured (Medicaid).

Example:

“HIPAA requires that you sign this form to consent to us sharing the results of your diagnostic techs with your primary care doctor, since she is out of our network. Unless you consent, we can’t send the encrypted message at all.”