LII:HIPAA Compliance - LII 007 01. What Is HIPAA?

From LIMSWiki
Jump to: navigation, search


Hipaa compliance.png
In the medical/healthcare industry there are two overriding regulatory compliance considerations: CLIA and HIPAA. CLIA is the set of Clinical Laboratory Improvement Amendments of 1988, which are United States federal regulatory standards that apply to all clinical laboratory testing performed on humans in the United States, except clinical trials and basic research.[1] This course is about The Health Insurance Portability and Accountability Act of 1996, enacted by the United States Congress and signed into law in 1996.[2]

Whereas CLIA has to do with standards in clinical testing, HIPAA is concerned with protecting patients’ personal information – rigorously and effectively. It applies to all who are involved in patient personal information, including contractors and other business associates.

Privacy and security

There are two main areas of HIPAA regulations and standards: privacy and security. Both apply to all covered entities (we’ll define those in Lesson 2) and are related, but have slightly different emphases.

  • HIPAA privacy (the Privacy Rule): This concentrates on the patient's right to privacy regarding their personal information and health records, and what covered entities must do to support that. It also includes their right to access those data.
  • HIPAA security (the Security Rule): This portion of HIPAA focuses on the requirements for covered entities to protect patient data, including administrative, physical and technical ways and means.

Government oversight

HHS Bldg 800 px.jpg
When laws are made, the responsibility to make affected parties aware of their obligations and how to meet them — and to monitor, enforce and punish offenders — is often allocated to a particular body. In the case of HIPAA, the federal Health and Human Services department (HHS) is that body. Within the HHS, the Office for Civil Rights (OCR) ensures equal access to certain health and human services and protects the privacy and security of health information. Additionally, the Centers for Disease Control and Prevention (CDC) and other HHS agencies provide guidance and materials.


Further information about HIPAA and its history, etc. can be found on the LIMSwiki HIPAA page.


  1. "Title 42, Chapter IV, Subchapter G, Part 493". U.S. Government Publishing Office. Retrieved 15 June 2016. 
  2. "Public Law 104 - 191 - Health Insurance Portability And Accountability Act of 1996". U.S. Government Publishing Office. Retrieved 15 June 2016.