The Health Insurance Portability and Accountability Act of 1996 (HIPAA) established new standards for the confidentiality, security, and transmissibility of health care information.

There are three types of standards created by HIPAA: privacy, security and administrative simplification (e.g., transaction standards).

Taken together, these regulations have a major impact on the day-to-day functioning of the nation's hospitals and affect virtually every department of every entity that provides or pays for health care.

This web page provides resources for hospitals and health systems on HIPAA compliance, security and privacy standards, transaction standards and administrative simplification.

HIPAA - Privacy and Security Standards

AHA Response to the Dececember 2018 HIPAA RFI (December 12, 2019) AHA/AHIMA Webinar: Engaging Patients Through Access to Their Medical Records (November 15, 2016) Presentation slides (PDF) AHA Statement to NCVHS regarding HIPAA’s minimum necessary standard (June 16, 2016) AHA c...