Health Insurance Portability and Accountability Act
Each time a patient sees a doctor, is admitted to a hospital,
goes to a pharmacist or sends a claim to a health plan, a record
is made of their confidential health information. In the past,
family doctors and other health care providers protected the confidentiality
of those records by sealing them away in file cabinets and refusing
to reveal them to anyone else. Today, the use and disclosure of
this information is protected by a patchwork of state laws, leaving
gaps in the protection of patients' privacy and confidentiality.
Congress recognized the need for national patient record privacy
standards in 1996 when they enacted the Health Insurance Portability
and Accountability Act of 1996 (HIPAA). The law included provisions
designed to save money for health care businesses by encouraging
electronic transactions, but it also required new safeguards to
protect the security and confidentiality of that information.
The law gave Congress until August 21, 1999, to pass comprehensive
health privacy legislation. When Congress did not enact such legislation
after three years, the law required the Department of Health and
Human Services (HHS) to craft such protections by regulation.
HIPAA Sub Navigation: