Health Insurance Portability and Accountability Act

4 pages
1024 words
University of California, Santa Barbara
Type of paper: 
Research paper
This essay has been submitted by a student.
This is not an example of the work written by our professional essay writers.

The Health Insurance Portability and Accountability Act (HIPAA) was enacted by the Congress of the United States in 1996 and signed by President Bill Clinton. The act was meant to improve the continuity and portability of health insurance cover in the group and individual markets, to fight against fraud, waste, and abuse in health care delivery and health insurance hence promoting the usage of medical savings accounts, improving access to long-term medical services and coverage, and simplifying the administration of health insurance. Among its objective was protecting the privacy of public health information. Its intention was to provide individuals with the minimum level of security and privacy of their information even though the laws of the state provides additional protection for health information. Therefore, HIPAA is very significant as it aims to protect individuals health information CITATION Nos06 \l 2057 (Nosowsky & Giordano, 2006).

Trust banner

If this sample essay on"Health Insurance Portability and Accountability Act" doesn’t help,
our writers will!

Protected health information includes information of an individuals demographic information received or created by a health care provider and laboratory tests and results, which is maintained or transmitted electronically or any other media. Such information may relate to the present, past or future mental or physical health of an individual. It also includes the current provision of medical care to the individual who either pays, paid or will pay for such health care services CITATION OHe04 \l 2057 (OHerrin, Fost, & Kudsk, 2004). The information must judiciously identify the individual. Such information is collected by a professional heath care individual to determine an appropriate health care to the individual. However, the HIPAA regulates the information collected, and there is a limit of public health information that insurers, health care providers and their business associates allowed to collect. The HIPAA states that such information should be kept private and confidential and only disclosed in certain circumstances. Public health information is only disclosed unless it is for treatment, research, activities of the public health or it is a merger or acquisition of an entity covered by HIPAA. Patients can also request to access their information and get feedback for not more than 30 days. The period of 30 days is to ensure that the health caregivers avail all the information requested. The covered entities and business associates are subject to audits by HIPAA. Business partners or associates of healthcare providers must sign business associate agreements of HIPAA and are bound legally to handle protected health information in a way satisfying, the security and privacy rules of HIPAA CITATION Nos06 \l 2057 (Nosowsky & Giordano, 2006).

The privacy rule provides national standards for protecting medical records of individuals and personal health information, which applies to health care clearinghouses, health plans, and health caregivers conducting health care services in an electronic form. The rule ensures that there is a protection of personal health information by setting limitations on usage and disclosure of such information without the consent of the patient. Under the rule, patients have the right to examine their health information and can request corrections and also obtain a copy containing information about their health CITATION HHS16 \l 2057 (, 2016).

The security rule of HIPAA provides national standards designed for the protection of electronic personal health information of individuals that is received, created, used or maintained by an entity covered by HIPAA. The requirement of the security rule is ensuring proper administrative, technical and physical safeguards to ensuring the integrity, security and confidentiality of an electronic protected health information CITATION HHS161 \l 2057 (, 2016).

Public health laboratories that carry out health care services as one of their activities are covered entities if they transmit or conducts their transactions electronically. A lab may be conducting health care services to and reporting directly to an individual. In this case, the privacy rule applies. A lab may also be carrying out health activities and reports directly to a health care worker or a physician. However, if such transactions are carried electronically, the laboratory is conducting covered functions. Therefore, security rule applies CITATION OHe04 \l 2057 (OHerrin, Fost, & Kudsk, 2004).

Health providers keep information systematically for easy access. For instance, they keep information that is linkable or linked to an individual such as educational, medical, employment and financial information. Such information includes biometric data such as genetic information and fingerprint details, social security numbers, telephone numbers, email addresses. Such type of information is known as identifiable information. The importance of such information is that an individual can easily be located in case he/she is needed in matters involving his/her personal health information. Identifiable information is very sensitive and because exposure may lead to damaging ones reputation directly or indirectly. Therefore, it is the responsibility of health care providers to ensure high levels of privacy and security of identifiable information CITATION OHe04 \l 2057 (OHerrin, Fost, & Kudsk, 2004).

Unidentified information is health information that does not show any relations to a specific person. Unidentified information is whereby the healthcare providers have no judicious basis to consider that the information can be used for identification of specific individuals. The information may be connected to various people, and because there is no specific individual, such information is not protected under the privacy rules of HIPAA. The information is used more often by covered entities without restrictions. The information is important as it is used to enhance health care, estimation of costs of care and through supporting public health initiatives. Therefore, identifiable information is private and confidential and under the protection of HIPAA rules of privacy while there is no protection under the unidentifiable information CITATION Nos06 \l 2057 (Nosowsky & Giordano, 2006).


BIBLIOGRAPHY (2016). Summary of the HIPAA Privacy Rule:Health Information Privacy. Retrieved from (2016). Summary of the HIPAA Security Rule:U.S. Department of Health & Human Services. Retrieved from

Nosowsky, R., & Giordano, T. J. (2006). The Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy rule: implications for clinical research. Annu. Rev. Med., 57, 575-590.

OHerrin, J. K., Fost, N., & Kudsk, K. A. (2004). Health Insurance Portability Accountability Act (HIPAA) regulations: effect on medical record research . Annals of surgery, 239(6), 772-778.

If you want discreet, top-grade help, order a custom paper from our experts.

If you are the original author of this essay and no longer wish to have it published on the SuperbGrade website, please click below to request its removal: