Aestiva Wiki
Back to Search >

What is HIPAA?


HIPAA stands for The Health Insurance Portability and Accountability Act of 1996. It generally prohibits healthcare providers and healthcare businesses (covered entities), from disclosing protected information to anyone other than a patient and the patient's authorized representatives without their consent.

The Final Rule on Security Standards was issued on February 20, 2003. It took effect on April 21, 2003, with a compliance date of April 21, 2005, for most covered entities and April 21, 2006, for "small plans". The Security Rule complements the Privacy Rule.

HIPAA, or the Health Insurance Portability and Accountability Act, is a US law that sets national standards for the protection of certain health information. It requires providers to protect patient privacy and provide patients with access to their own medical information.

The HIPAA Security Rule

While the Privacy Rule pertains to all Protected Health Information (PHI) including paper and electronic, the Security Rule deals specifically with Electronic Protected Health Information (EPHI). It lays out three types of security safeguards required for compliance;

    • Administrative

    • Physical

    • Technical.

Satisfying the Administrative, Physical, and Technical Rules

As a provider of software to covered entities, Aestiva complies with the stipulations required by HIPAA that pertain to Aestiva for the use and disclosure of Protected Health Information (PHI) and the security of Electronic Protected Health Information (EPHI) in healthcare treatment, payment and operations by covered entities.

What are the advantages of HIPAA?

The five main advantages of HIPAA include:

    • It provides a set of national standards for protecting sensitive health information.

    • It prevents health information from being misused or disclosed without the patient's permission.

    • It enables individuals to keep their health insurance when they change jobs.

    • It increases the efficiency of health care delivery by allowing covered entities to securely exchange health information electronically.

    • It encourages research by allowing researchers to access and use protected health information while still protecting patient privacy.

Do you handle PHI and/or EPHI? Give Aestiva a call. We can deliver systems that meet HIPAA standards and look forward to working with you.

See Also

What Is Enterprise Software, What Is Vertical Software, What Is Custom Software