The Health Insurance Portability and Accountability Act of 1996 (HIPAA) amended the IRS Code of 1986.

The federal government enacted HIPAA legislation to:

  • ensure health insurance portability and continuity
  • guarantee the integrity and confidentiality of health information
  • improve the operations of health care systems
  • reduce waste, fraud, and abuse in health insurance and health care delivery

Department of Health and Human Services issued final Privacy Regulations in August 2002 intended to secure Protected Health Information (PHI) transmitted through Electronic Data Interchange (EDI). The federal government requires full HIPAA compliance from all covered entities by April 14, 2003. A Covered Entity is a health plan, a health care clearinghouse, or a health care provider who transmits health information electronically. All Business Associates must also be HIPAA compliant with Privacy regulations by the effective date. Business Associates perform health care operations involving use/disclosure of PHI on behalf of Covered Entities. ABB’s staff has been trained on HIPAA Privacy legislation and its impact on daily operations. Policies and procedures are functional, meeting HIPAA requirements, and ABB is fully compliant with the HIPAA Privacy Rules.

Existing security controls required under the Privacy rule are currently in place.