Insurance Portability and Accountability Act of 1996 (HIPAA)
HIPAA is the federal
law that establishes standards for the privacy and security
of health information, as well as standards for electronic
data interchange (EDI) of health information.
HIPAA has two main
goals, as its name implies:
- making health
insurance more portable when persons change employers, and
- making the health
care system more accountable for costs -- trying especially
to reduce waste and fraud.
HIPAA aims to improve
accountability in part through what it calls administrative
simplification -- a term that translates, roughly, as
The principal means
of promoting efficiency is better use of information technology.
Health care is -- or, at least at the time of the legislation,
was -- still very "uncomputerized" compared to other
parts of the economy, particularly in its use of paper for
personal health records.
Broader use of
computer systems increased concerns about misuse of patient's
health information, hence the inclusion of privacy and security
provisions as part of HIPAA along with EDI standards.
HIPAA as implemented
has four health information standards, and four associated
sets of regulations or "rules":
HIPAA is also known
as the Kassebaum-Kennedy Act, or the Kennedy-Kassebaum Act.