HIPAA Health Insurance Portability and Accountability Act

HIPAA stands for the Health Insurance Portability and Accountability Act (HIPAA) and was enacted by the U.S. Congress in 1996. HIPAA has 2 main parts, one which protects health insurance coverage for workers and their families when they change or lose their job.  A second part requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.


The most visible part is the Privacy Act. This part of HIPAA controls who has access to your medical records and billing, they call this Private Health Information (PHI). The good part is that it goes a long way to protect your privacy and limits the people that can discuss your health or your bill.

So now, under HIPAA, if you’re in the hospital, and a friend calls to ask how you are doing, the hospital cannot give out that information without your permission.  It also means that your boss can’t call your doctor to see if you really were sick when you called in last week.

More Paperwork

Medical providers aren’t always happy with HIPAA because it creates a lot of paperwork and holds them responsible for maintaining your privacy.  They need written permission to share your medical and billing information with other doctors and even insurance companies.  Most will ask you to update an information release form yearly.  It’s one of those papers that you will be asked to sign.

HIPAA regulations require doctor’s offices and medical facilities to complete regular security audits.  They need to make sure that your records and health information stay secure.

Another part of HIPAA is the standardizing of codes.  Each medical diagnosis or procedure has been assigned a unique code from a table called ICD-10 (International Classification of Diseases 10th edition).  It’s very complex as each code is specific to a disease, disorder, or condition.  Most doctor’s offices need to have a billing specialist to determine the correct code, and incorrect codes can delay bill payments.

Everyone hates the HIPAA paperwork, but it’s a necessary evil.  It protects your privacy and limits who can see your records.  Remember that your medical records contain all of the information that an identity thief needs to rip you off, so it’s a good thing.  And it gives you control over who has access.