As the Health Insurance Portability and Accountability Act of 1996 (HIPAA), approaches the 25th anniversary of its enactment, we thought we’d look into the history of this game-changer in the healthcare industry.
Signed into law by President Clinton on August 21, 1996, this federal statute was enacted to modernize the flow of healthcare information as well as protect personally identifiable information (PII).
It consists of five titles. We’ll summarize them here for you.
Title I – if you change or lose your job, your health insurance coverage for you and your family can be continued. Pre-existing conditions can be covered if there has been creditable coverage prior to the new coverage. Meaning, if you had health insurance with that condition at Job A, then the new coverage at Job B can’t exclude it if you maintained that coverage without more than a 63-day break.
Title II – established to maintain privacy and security of the identifiable health information, this section establishes the criminal and civil penalties for violations and works to control fraud and abuse within the health care system, but the significant part of this section is that it creates standards to increase efficiency for how information is shared with its Administrative Simplification rules. Those are the Privacy Rule, Transactions & Code Sets Rule, Security Rule, Unique Identifiers Rule, and Enforcement Rule. Within these rules are very specific regulations that outline processing, use, payment, and overall operation guidelines for patient information. This is one of the most detailed parts of HIPAA and includes a lot of important information that any covered entity should be aware of.
Title III – this outline goes over how much an individual can save in pre-tax medical savings accounts.
Title IV – pre-existing conditions are covered in this section, with regard to the continuation of coverage requirements for individuals who must transfer from one health plan to another; it also covers COBRA.
Title V – company-owned life insurance is covered here as well as tax deductions on life insurance loans, company endowments, or contracts related to the company; it also covers US citizens who give up their permanent residency or citizenship here.
HIPAA also covers research and clinical care in its description, putting major changes on these fields as to how it is all conducted and what was allowed or not. The scope and range of HIPAA is wide, affecting so many areas of healthcare, that it may seem restricting to those in the medical field. Yet with the patient’s rights being at the epicenter, it was created to provide a voice and structure to the general public’s access to their own medical records, and a blanket of protection around the information that they would not want to share unless of their own consent.
In 25 years, we’ve seen some of the most challenging situations in regards to HIPAA compliance over the most recent two years with the global pandemic. It was during that time that the laws had to be flexible and adapt to the safety of the public, and not just the individual. As expected, there will undoubtedly be additional changes and modifications in the years ahead as we learn and experience that which we didn’t expect or couldn’t take into account when the laws were created 25 years ago.