Health Insurance Portability and Accountability Act

With regards to information security, HIPAA sets requirements for the privacy, protection,m and notification of breaches of personal healthcare information, or PHI.

What information is protected?
"individually identifiable health information", which means…
"'Individually identifiable health information' is information, including demographic data, that relates to:

  • the individual's past, present or future physical or mental health or condition,
  • the provision of health care to the individual, or
  • the past, present, or future payment for the provision of health care to the individual,
  • and that identifies the individual or for which there is a reasonable basis to believe it can be used to identify the individual.  Individually identifiable health information includes many common identifiers (e.g., name, address, birth date, Social Security Number).

HIPAA sets requirements for the covered data elements that must be protected (above), a set of standards for protecting these data (covered under the Safeguards rule), and the requirements for who and how notifications must be made in the event of a disclosure of PHI.

For more information, visit the U.S. Department of Health & Human Services HIPAA resources on the web.

© Wentworth Institute of Technology   |   550 Huntington Avenue   |   Boston, MA 02115   |   617-989-4590