The roots of HIPAA stem from the early 1990s when it first became apparent that the medical care industry would become more efficient by computerizing medical records.
In addition, the industry also needed new standards regarding the management of healthcare data. These standards included rules regarding the portability of medical information as well as the establishment and protection of a patient’s right to medical privacy. There was also the issue of ensuring that people could keep their healthcare coverage when they left their jobs. HIPAA, the law that resulted from efforts to address these concerns, was passed by Congress and signed by President Bill Clinton.
While the law itself was passed in 1996, the actual details of the law were left to future specifications by Congress, as well as the Secretary of Health and Human Services. The Privacy Rule was the first aspect of HIPAA to be finalized in 1999. Next came the Transaction and Code Sets Final Rule in 2000, followed by the Security Rule and the National Provider Identifier, or Unique Identifiers, rule. The Enforcement Rule specification was, as of 2006, the last part to be finalized in detail.
The landmark Act was passed in 1996 with two objectives:
- One was to ensure that individuals would be able to maintain their health insurance between jobs. This is the Health Insurance Portability part of the Act. It is relatively straightforward and has been successfully implemented.
- The second part of the Act is the “Accountability” portion. This section is designed to ensure the security and confidentiality of patient information/data. In addition, it mandates uniform standards for electronic data transmission of administrative and financial data relating to patient health information.