The Meaning of HIPAA


HIPAA, enacted August 21, 1996, amends the Internal Revenue Service Code of 1986.


HIPAA laws are divided into privacy and security rules. Privacy rules protect the disclosure of an individual's health information. Security rules require organizations to safeguard the systems used to store an individual's health information.

Covered Entities

As cited by the U.S. Department of Health and Human Services, "Privacy and security rules apply only to covered entities." These covered entities include health care providers, such as doctors, dentists and nursing homes; health plans including insurance companies and government programs such as Medicare; and health care clearinghouses.


HIPAA provides individuals with a bit of peace of mind with regard to their personal health information. It gives them the opportunity to decide whether or not they wish to disclose private information, and does not allow a covered entity to use or disseminate the information without their knowledge.


As with any law or regulation, it is only as good as its enforcement. The Department of Health and Human Services reports that "since 2003, enforcement activities have obtained significant results that have improved the privacy practices of covered entities." The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that protects patient information. According to the United States Department of Health and Human Services, "HIPAA specifies a series of administrative, physical and technical safeguards for covered entities to use to assure the confidentiality, integrity and availability of electronic protected health information."