

The United States Congress passed the Health Insurance Portability and Accountability Act (HIPAA) in August 1996. HIPAA is a collection of federal laws and regulations that has wide-ranging impacts for healthcare providers, health plans, and businesses related to the healthcare industry, and it is administered by the U.S. Health and Human Services Department.


The purpose of the Act is to:

  • Improve portability and continuity of health insurance coverage in the group and individual markets;
  • Combat waste, fraud, and abuse in health insurance and health care delivery;
  • Promote the use of medical savings accounts;
  • Improve access to long-term care services and coverage;
  • Simplify the administration of health insurance; and
  • Other purposes.

Title I of the HIPAA law deals with health care access, portability, and renewability, with the intention of protecting health insurance coverage for workers and their families when they change or lose their jobs. Title II of the law, Administrative Simplification, deals with preventing health care fraud and abuse.

The major parts of Administrative Simplification, as more fully defined in the section under HIPAA components, include:

  • Transaction Standards
  • Code Sets
  • Unique Identifiers
  • Privacy
  • Security
  • Electronic Signature

The primary aim of the Administrative Simplification is to affect healthcare information systems in the following ways:

  1. Standardizing electronic patient health, administrative and financial data.
  2. Developing unique health identifiers for individuals, employers, health plans and health care providers.
  3. Providing security standards protecting the confidentiality and integrity of "individually identifiable health information," past, present or future.

Almost everybody involved in US healthcare has to comply with HIPAA. This includes any healthcare provider or organization that stores or transmits information about patients using electronic communication (all health care providers, even 1-physician offices, health plans, employers, public health authorities, life insurers, clearinghouses, billing agencies, information systems vendors, service organizations, and universities). Electronic communication includes but is not limited to the following media: computer databases, tapes, disks, telecommunications, FAX, Internet, and networks.

Thus, almost every healthcare provider or organization is covered under the HIPAA regulations. There is a perception that these laws only relate to billing and other issues with the federal Medicare system, but this is not true. HIPAA also affects healthcare software applications when they are used as standalone applications, but when they are used for storing or transmitting patient information.

The HIPAA regulations relate to all electronic storage and communication of individual healthcare information. The following are some of the important dates leading to the full implementation of the law:

  • May 23, 2008: National Provider Identifier (small health plans)
  • May 23, 2007: National Provider Identifier (all covered entities except small health plans)
  • April 20, 2006: Security Standards (small health plans)
  • August 1, 2005: Compliance deadline (small health plans)
  • April 20, 2005: Security Standards (all covered entities except small health plans)
  • July 30, 2004: Compliance deadline (for all covered entities except small health plans)
  • April 14, 2004: PRIVACY - Compliance deadline (small health plans)

Those who fail to comply with the law can expect to pay a fine. Although there has been confusion over how the fining would operate, the general penalty for failure to comply is:

  • Each violation: $100
  • Maximum penalty for all violations of an identical requirement: may not exceed $25,000

Wrongful Disclosure of Individually Identifiable Health Information:

  • Wrongful disclosure offense: $50,000, imprisonment of not more than one year or both
  • Offense under false pretenses: $100,000, imprisonment of not more than 5 years, or both
  • Offense with intent to sell information: $250,000, imprisonment of not more than 10 years, or both



Last Updated: 9 August 2006.

Copyright © 2018 Biohealthmatics.com. All Rights Reserved.