The Federal Health Insurance Portability and Accountability Act of 1996, known as HIPAA, was passed to establish a national framework for security standards and protection of confidentiality and privacy with regard to health care data and information (45 CFR 160, 45 CFR 162, 45 CFR 164).
All health care plans, health care clearinghouses and health care providers that transmit health information in electronic form must comply with HIPAA regulations.
HIPAA regulations are organized into three primary areas:
Administrative Simplification: Regulations which create uniform standards and requirements for the electronic transmission of health information.
Security: Regulations which require providers and others who maintain health information to maintain the security and integrity of individually identifiable health information.
Privacy: Regulations which set forth general rules for the uses and disclosures of individually identifiable health information by providers and others.
The implications of these federal regulations are considerable.
The Department of Health and Human Services announced changes in January 2013, called the Omnibus Rule, to provide the public with increased control over personal health information as a result of enhanced enforcement by the Health Information Technology for Economic and Clinical Health Act (HITECH), enacted as part of the American Recovery and Reinvestment Act of 2009, and other rulemaking proceedings since 2009.
Have a question?
If you have any questions or would like additional information on HIPAA privacy, please contact Institutional Privacy Officer Obumneme Eze by calling 915-215-4459 or emailing firstname.lastname@example.org. For HIPAA security-related questions, please contact the Information Security Office at elpasoISO@ttuhsc.edu.