HIPAA Overview
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law designed to:
- Improve the portability and continuity of health insurance, making it easier for a person to move from one health plan to another.
- Reduce administrative costs for providers and payers.
- Protect the privacy of health information from being disclosed without patient’s consent or knowledge.
Provider’s responsibilities in patient rights for HIPAA
Patients have rights under the Privacy Rule that providers are required to follow. The Provider’s Responsibilities in Patient Rights for HIPAA explains these rights in plain language. This information is available to providers, as required by 2013 Wisconsin Act 238 (Wis. Stat. §146.816(4)).
HIPAA Administrative Simplification
HIPAA includes Administrative Simplification provisions designed to the make the health care system more efficient and effective. The provisions require the Department of Health and Human Services to develop national standards for the electronic exchange of health care information, often referred to as Electric Data Interchange. These standards cover transactions, code sets, unique code identifiers, and security.
Other HIPAA provisions mandate the adoption of privacy protections for individually identifiable health information. The following rules ensure these protections:
- Privacy Rule—National standards for covered entities to protect a person’s medical records or other identifiable health information. Covered entities are:
- Health plans
- Health care providers that transmit standard health transactions
- Health care clearinghouses
Business associates of covered entities must comply with HIPAA if they perform covered transactions on behalf of, or provide services to, a covered entity.
Business associates are a person or organization using or disclosing individually identifiable health information to perform or provide functions, activities, or services for a covered entity.
- Security Rule—National standards for protecting the confidentiality, integrity, and availability of electronic protected health information.
- Enforcement Rule—Standards for enforcing the Administrative Simplification Rules.
More information
Learn more about HIPAA Administrative Simplification provisions:
- HIPAA Resources—A list of links to help you understand and comply with HIPAA
- HIPAA Privacy Practices Notices and Forms—Additional guidance for programs specific to the Wisconsin Department of Health Services (DHS)
- HIPAA COW (HIPAA Collaborative of Wisconsin)—A non-profit that assists organizations impacted by HIPAA
- HIPAA for Professionals—Information on HIPAA rules, guidance, FAQs, and more
- Model Business Associate Agreement—DHS contract detailing how business associates must comply with HIPAA requirements
- File a Complaint with DHS—DHS form
- File a Complaint with the Office of Civil Rights—How to file with this federal office