HIPAA (The Health Information Portability and Accountability Act)
What is HIPAA Compliance?
The Health Information Portability and Accountability Act (HIPAA) was enacted to protect personally identifiable electronic health information. The Act mandates that any entity storing, processing, and transmitting health information electronically should have a robust security framework to protect it from unauthorized access. The regulation is part of the broader Protected Health Information (PHI) Act that mandates protection of individually identifiable health information stored in any form, whether paper, oral, or electronic.
Where is HIPAA Compliance applicable?
Any entity that maintains health information, directly or indirectly, in its information systems is required to comply with HIPAA. This includes specialty hospitals/nursing homes, health insurance companies, pharmaceutical companies, pathology laboratories, medical service providers, and medical equipment manufacturers.