Book:HIPAA Compliance: An Introduction/What is HIPAA?
What is HIPAA?
The healthcare industry must comply with both CLIA and HIPAA. CLIA regulatory standards apply to all clinical laboratory testing performed on humans in the United States, except clinical trials and basic research. While important, this guide focuses on HIPAA, which was enacted by the United States Congress and signed into law in 1996.
Whereas CLIA involves standards in clinical testing, HIPAA is concerned with rigorously and effectively protecting patients’ personal information. It applies to most any entity that handles a patient's personal information, including contractors and other business associates.
Privacy and security
There are two main areas of HIPAA regulations and standards: privacy and security. Both apply to all covered entities and are related, but have slightly different emphases.
- HIPAA privacy (the Privacy Rule): This concentrates on the patient's right to privacy regarding their personal information and health records, and what covered entities must do to support that. It also includes their right to access those data.
- HIPAA security (the Security Rule): This portion of HIPAA focuses on the requirements for covered entities to protect patient data, including administrative, physical and technical ways and means.
When laws are made, the responsibility to make affected parties aware of their obligations and how to meet them—and to monitor, enforce and punish offenders—is often allocated to a particular body. In the case of HIPAA, the HHS is that body. Within the HHS, the Office for Civil Rights (OCR) ensures equal access to certain health and human services and protects the privacy and security of health information. Additionally, the Centers for Disease Control and Prevention (CDC) and other HHS agencies provide additional guidance and materials.
Further information about HIPAA and its history, etc. can be found on the LIMSwiki Health Insurance Portability and Accountability Act page.
- "Code of Federal Regulations Title 42, Chapter IV, Subchapter G, Part 493". U.S. Government Publishing Office. https://www.ecfr.gov/current/title-42/chapter-IV/subchapter-G/part-493. Retrieved 09 February 2022.
- "Public Law 104 - 191 - Health Insurance Portability And Accountability Act of 1996". GovInfo. U.S. Government Publishing Office. 21 August 1996. https://www.govinfo.gov/app/details/PLAW-104publ191. Retrieved 09 February 2022.
Citation for this section
Title: HIPAA Compliance: An Introduction - What is HIPAA?
Author for citation: Alan Vaughan, with editorial modifications by Shawn Douglas
License for content: Creative Commons Attribution-ShareAlike 4.0 International
Publication date: Originally published June 2016; compiled and lightly edited February 2022