Block on Trump's Asylum Ban Upheld by Supreme Court
If you've heard of HIPAA -- the Health Insurance Portability and Accountability Act of 1996 -- you probably know that it protects private medical information. But beyond that, most people are understandably clueless.
HIPAA actually ordered the Department of Health and Human Services to create standards for the protection of electronically stored and submitted personal health care information. Those standards limit the use and dissemination of personal data; create a system for submitting electronic information; and dictate security standards.
Still, what information does the law cover? And who must comply with HIPAA regulations?
It's a pretty complicated web of standards, but the following are the broader categories of covered information and entities.
What does HIPAA cover?
The law covers Protected Health Information (PHI), which is defined as any information related to:
The below entities can only disclose this information when required by law (child welfare); to facilitate treatment or payment; or if authorized by the patient.
Who must comply with HIPAA regulations?
Electronic records and billing are used by almost everyone in the health care industry, which means most health care providers and intermediaries must comply with HIPAA regulations. If you think your doctor or insurance plan should comply but hasn't, you can file a complaint with the Department of Health and Human Services.