Health Information and Privacy (HIPAA)
Page Contents
- Federal
- Summary
- Portability of Health Care Coverage
- Pre-Existing Condition Exclusions
- Illnesses Not Subject to Pre-Existing Condition Exclusions
- Creditable Coverage
- Certificate of Creditable Coverage
- Methods of Crediting Coverage
- Special Enrollment Periods
- Notice to Participants
- Eligibility for High Risk Pools Upon Termination of Coverage
- Effect of State Laws
- Nondiscrimination Rules
- Similarly Situated Employees
- Benefit Plan Practices
- Eligibility
- Benefits and Benefit Plan Changes
- Source of Injury Exclusion
- Actively-At-Work and Non-Confinement Provisions
- Wellness Plan Initiatives
- Medical Privacy Under HIPAA
- Protected Health Information
- De-Identified Information
- Covered Entities
- Business Associates
- Employer Responsibilities
- Administrative Responsibilities
- Guidelines for PHI Use and Disclosure
- Permitted Uses and Disclosures of PHI
- Minimum Necessary Disclosure
- Disclosure to Plan Sponsors
- Use of PHI for Marketing
- Privacy Practice Notice Requirements and Individual Rights
- Recordkeeping and Retention Requirements
- Effect of State Laws
- Examples of HIPAA Privacy Violations
- HIPAA's Security Rule
- Covered Entities
- Security Management Process
- Security Standards
- Administrative Safeguards
- Physical Safeguards
- Technical Safeguards
- HITECH Act
- Enforcement Provisions
- Future Developments
expand
Federal
Author: Jayne Zanglein, Western Carolina University
Summary
The Health Insurance Portability and Accountability Act of 1996 (HIPAA):
- Protects health insurance coverage for employees and their dependents that lose coverage or change jobs. See Portability of Health Care Coverage.
- Limits exclusions of coverage for pre-existing medical conditions for up to 12 months for initial enrollment periods and for up to 18 months for late enrollment periods. See Pre-Existing Condition Exclusions.
- Was strengthened by the Patient Protection and Affordable Care Act (PPACA). See Pre-Existing Condition Exclusions.
- Provides employees with access to high risk insurance coverage pools after coverage, including coverage under the Consolidated Omnibus Budget Reconciliation Act (COBRA), terminates under the plan. See Eligibility for High Risk Pools Upon Termination of Coverage.
- Prohibits discrimination against workers for pre-existing conditions and genetic information. See Nondiscrimination Rules.
- Phases out annual and lifetime dollar limits on essential health benefits. See Benefits and Benefit Plan Changes; Future Developments.
- Establishes privacy rules designed to safeguard protected health information (PHI). See Medical Privacy Under HIPAA.
- Establishes security rules designed to safeguard electronic PHI (ePHI). See HIPAA's Security Rule.
Register for Free
Already an XpertHR user?
Log in
State Requirements
The following states have additional requirements for this topic under applicable state law.
- Alaska
- California
- Colorado
- Connecticut
- District of Columbia
- Florida
- Georgia
- Hawaii
- Idaho
- Indiana
- Iowa
- Kansas
- Maine
- Massachusetts
- Michigan
- Missouri
- Montana
- Nebraska
- Nevada
- New Hampshire
- New Jersey
- New Mexico
- North Dakota
- Oklahoma
- Oregon
- Rhode Island
- South Carolina
- South Dakota
- Utah
- Vermont
- Washington
- West Virginia
- Wisconsin
- Wyoming