HIPAA was enacted in 1996. In its initial form, the legislation helped to make sure that workers would continue to receive health insurance coverage when they were moving between jobs. The legislation also required healthcare groups to put in place controls to secure patient data to prevent healthcare fraud, although it took many years for the rules for doing so to be formulated.
HIPAA also brought in many new standards that were aimed at enhancing efficiency in the healthcare sector, requiring healthcare groups to adopt the standards to reduce the paperwork burden. Code sets had to be configured along with patient identifiers, which helped pave the way for the efficient transfer of healthcare data between healthcare groups and insurers, streamlining eligibility checks, billing, payments, and other healthcare procedures.
HIPAA also forbids the tax deduction of interest on life insurance loans, enforces group health insurance requirements, and standardizes the amount of money that may be saved in a pre-tax medical savings account.
HIPAA is a very thorough legislative act that takes into account the requirements of many other legislative acts, including the Public Health Service Act, Employee Retirement Income Security Act, and more recently, the Health Information Technology for Economic and Clinical Health (HITECH) Act.
HIPAA is now best known for safeguarding the privacy of patients and ensuring patient data is properly secured, with those requirements set in place by the HIPAA Privacy Rule of 2000 and the HIPAA Security Rule of 2003. The requirement for making individuals aware of a breach of their health information was put in place with the Breach Notification Rule in 2009.
The purpose of the HIPAA Privacy Rule was to set limits on the allowable uses and disclosures of protected health information (PHI), stating when, with whom, and on what occasions health information could be shared. Another important aim of the HIPAA Privacy Rule was to allow patients access to their health data on request. The chief purpose of the HIPAA Security Rule is to ensure electronic health data is properly secured, access to electronic health data is managed, and an auditable trail of PHI activity is in place.
So, in short, what is the purpose of HIPAA? To enhance efficiency in the healthcare sector, to enhance the portability of health insurance, to safeguard the privacy of patients and health plan subscribers, and to ensure health information is kept secure and patients are made aware of breaches of their healthcare data.