Happy 20th Birthday HIPAA!

Wednesday, August 31, 2016

HIPAA logo wearing party hatThis month 20 years ago, the Health Insurance Portability and Accountability Act of 1996 (HIPAA) was signed into law.

You may know HIPAA as the law that protects your medical privacy and security, but did you know that its initial purpose was to allow people to transfer and continue health insurance after they changed or lost a job? Many people had been afraid to change jobs out of fear that a preexisting medical condition would prevent them from receiving health insurance coverage. HIPAA's portability provisions lessened that possibility; required group health plans to provide special enrollment periods for employees and their dependents who experienced a change-in-life circumstance; prohibited group health plans from discriminating based on health status in terms of eligibility or cost of coverage; and mandated the plans be renewable upon request.

From an IT perspective, what HIPAA initiated was protocols to improve the way health care data is exchanged electronically. Standards for certain electronic transactions were adopted that simplified and encouraged the electronic transfer of information.  Now, most health care claims transactions are conducted in a standardized way, which has cut down considerably on the administrative overhead needed to process what used to involve numerous paper forms and telephone calls.

As I said earlier, most patient probably are aware that HIPAA protects the privacy of health information and gives patient the right to a copy of theirs. What you might not know is that it also requires health care organizations, including insurance companies and other business associates, to safeguard the electronic version. That means HIPAA-covered organizations must engage in comprehensive risk analyses and risk management to ensure your electronic information is secure, and to report breaches immediately.

When you go to the doctor today, you won't see much paper moving around; and electronic health records and patient portals are in place now to increase patient safety and satisfaction. This foundation also sets the stage for safe interoperability of health data for smooth transitions of care as well as a better understanding of population health. When that kind of data exchange becomes commonplace, HIPAA will get some extra icing on her cake.


Writer: George Bailey, 765-494-7538, baileyga@purdue.edu

Tags: Health IT Security

Purdue University, West Lafayette, IN 47907 (765) 496-1911

© 2014 Purdue University | An equal access/equal opportunity university | Copyright Complaints

If you have trouble accessing this page because of a disability, please contact Purdue Technical Assistance Program taphelp@purdue.edu.