About HIPAA

General Overview
Taken from document: http://www.hhs.gov/ocr/hipaa/guidelines/overview.pdf published December 3, 2002 by the Office of Civil Rights - HIPAA

To improve the efficiency and effectiveness of the health care system, the Health Insurance Portability and Accountability Act (HIPAA) of 1996, Public Law 104-191, included “Administrative Simplification” provisions that required HHS to adopt national standards for electronic health care transactions. At the same time, Congress recognized that advances in electronic technology could erode the privacy of health information. Consequently, Congress incorporated into HIPAA provisions that mandated the adoption of Federal privacy protections for individually identifiable health information.

In response to the HIPAA mandate, HHS published... the Privacy Rule in December 2000, which became effective on April 14, 2001. This Rule set national standards for the protection of health information, as applied to the three types of covered entities: health plans, health care clearinghouses, and health care providers who conduct certain health care transactions electronically. By the compliance date of April 14, 2003 (April 14, 2004, for small health plans), covered entities must implement standards to protect and guard against the misuse of individually identifiable health information. Failure to timely implement these standards may, under certain circumstances, trigger the imposition of civil or criminal penalties.

Secretary Tommy Thompson called for an additional opportunity for public comment on the Privacy Rule to ensure that the Privacy Rule achieves its intended purpose without adversely affecting the quality of, or creating new barriers to, patient care. After careful consideration of these comments, in March 2002 HHS published proposed modifications to the Rule, to improve workability and avoid unintended consequences that could have impeded patient access to delivery of quality health care. Following another round of public comment, in August 2002, the Department adopted as a final Rule the modifications necessary to ensure that the Privacy Rule worked as intended.

The Privacy Rule establishes, for the first time, a foundation of Federal protections for the privacy of protected health information. The Rule does not replace Federal, State, or other law that grants individuals even greater privacy protections, and covered entities are free to retain or adopt more protective policies or practices.

The Privacy Regulations - Final Rule
Standards for Privacy of Individually Identifiable Health Information published by the Department of Health and Human Services (DHHS)

UF Privacy Home

About the UF Privacy Office & Contacts

Health Information Privacy
Health Information Privacy Contacts
More About HIPAA

Announcements

New UF Privacy Website

Policies & Procedures

Operational Guidelines
Forms
Privacy Management
Glossary of Terms

Training

HIPAA & Privacy - General Awareness
HIPAA for Researchers
HIPAA for Visitors & Vendors
Certificate Lookup

Confidentiality Statement

UF HSC Jacksonville

(including UFJHI and UFJPI)

Complaints & Incidents

Disclosure Tracking System

Student Data Access

Shadowing

FAQs

NPI - National Provider Identifier
Frequently Asked Questions
"Question of The Week" Archives
HIPAA & Research at UF
Computers & Electronic Data
Emails & PHI
Disclosures Allowed By Florida Laws
Florida Disclosures Matrix

Identity Theft

How it Happens, Reduce Your Risk, What To Do If You're a Victim

HIPAA Links

Search



Confidentiality Statement

Other UF Resources

UF Home
UF Directory
Health Science Center
myUFL
HSC Information Security - SPICE
UF IT Security