HIPAA Overview
lHealth Insurance Portability and Accountability Act of 1996
lFour Key Areas:
–Privacy Standards
–Electronic Transaction Standards
–Security Standards
–Unique Identifiers
lRequired Compliance – October 16, 2002 & April 14, 2003
Initial intent and main purpose of legislation was to allow individuals to carry their health insurance from job to job.
Included provisions designed to standardize and increase the efficiency of common electronic transactions in health care and to protect the security and privacy of individually identifiable health information.

Divided into four key areas
Privacy – will explain further as most related to university research

Electronic Transaction Standards – attempt to simplify standard exchanges between health care organization. Establishes standardized formats, codes and data elements for transactions such as health claims, enrollment in health plan, health care payment, referral and authorization etc.
Expensive to implement, but will eventually improve efficiency and reduce paperwork.

Security Standards – Rules for protecting the data integrity, confidentiality, and availability of electronic health care information (These standards apply only to electronic data & information.)

Unique Identifiers – Require one identifying number for each provider, health plan, patient and employer

Compliance date for Transactions – October 16, 2002
Privacy – April 14, 2003
Security – April 2005