Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act of 1996 (HIPAA)1 contained a provision requiring the Secretary of the Department of Health and Human Services (HHS) to publish national standards to protect the privacy and security of individually identifiable health information. These regulations, published in 2000, are known as the HIPAA Privacy Rule and the HIPAA Security Rule. In 2009, HIPAA was amended by the Health Information Technology for Economic and Clinical Health Act (HITECH), enacted as part of the American Recovery and Reinvestment Act (ARRA).2 In July 2010, HHS released a Notice of Proposed Rulemaking (NPRM or Proposed Rule) to implement the various changes to Privacy and Security Rules required by HITECH.3 Final regulations are expected to be published before the end of 2012.
Footnotes
- 1. Health Insurance Portability and Accountability Act of 1996 (HIPAA), Pub. L. No. 104-191, 110 Stat. 139 (1996) (codified as amended in scattered sections of 42 U.S.C.).
- 2. ARRA, Pub. L. No. 111-5, Div. A, Title XIII, § 13404, 123 Stat. 260 (2009).
- 3. Modifications to the HIPAA Privacy, Security, and Enforcement Rules, 75 Fed. Reg. 40,868, 40,872-73 (proposed July 14, 2010) (to be codified at 45 C.F.R. pt. 160 and 164).
.png)