The Health Insurance Portability and Accountability Act of 1996 (HIPAA) established new standards for the confidentiality, security, and transmissibility of health care information.

There are three types of standards created by HIPAA: privacy, security and administrative simplification (e.g., transaction standards).

Taken together, these regulations have a major impact on the day-to-day functioning of the nation's hospitals and affect virtually every department of every entity that provides or pays for health care.

This web page provides resources for hospitals and health systems on HIPAA compliance, security and privacy standards, transaction standards and administrative simplification.

HIPAA - Privacy and Security Standards

AHA/AHIMA Webinar: Engaging Patients Through Access to Their Medical Records (November 15, 2016) Presentation slides (PDF)
AHA Statement to NCVHS regarding HIPAA’s minimum necessary standard (June 16, 2016)
AHA comment letter to CMS extending the Stark protections for Health IT ...

Related Resources

Introduction Hospitals and health systems are responsible for protecting the privacy and confidentiality of their patients and patient in
AHA comments to the Office of the National Coordinator for Health Information on its draft Trusted Exchange Framework and Common Agreement as well as ONC’s…
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) mandated regulations that govern privacy standards for health care information. HIPAA…
Useful Links
The Centers for Medicare & Medicaid Services (CMS) is moving forward with an initiative to remove Social Security numbers (SSN) from Medicare b