On Aug. 21, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) celebrated the 28th anniversary of the signing of the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
A press release on the announcement says that “Twenty-eight years ago today, President Bill Clinton signed this historic bipartisan legislation into law. HIPAA ushered in many needed healthcare reforms. Today, HIPAA is best associated with requiring, for the first time, a set of standards for safeguarding the privacy and security of individually identifiable health information; it is administered and enforced by OCR.”
“HIPAA is the cornerstone law that advances patient privacy, data protection, and health information security in our nation’s healthcare system. Importantly, HIPAA, through the HIPAA Rules, empowers patients and consumers to take their own health data into their own hands and instills trust in the patient-provider relationship to allow for better care and outcomes,” said Melanie Fontes Rainer, Director of the Office for Civil Rights. “With the rise of cyberattacks breaching patient privacy, HIPAA is more relevant than ever. OCR continues to prioritize health information privacy by updating and rigorously enforcing the HIPAA Rules that safeguard our national security in the healthcare system.”
OCR has implemented the requirements of HIPAA and related statutes with the creation and modifications of the HIPAA Privacy, Breach Notification, Security, and Enforcement Rules. These rules set forth the requirements that health plans, healthcare clearinghouses, and most healthcare providers, and their business associates (e.g., third party administrator that assists a health plan with claims processing, accountant providing services to a healthcare provider, medical transcriptionist services to a physician) must follow relating to the privacy and security of protected health information (e.g., medical records, personally identifiable information).
