HIPAA was enacted to improve the efficiency and effectiveness of the health care system. This included Administrative Simplification provisions that required HHS to adopt national standards. These are for electronic health care transactions and code sets, unique health identifiers, and security.
Congress incorporated into HIPAA provisions that mandated the adoption of Federal privacy protections for individually identifiable health information.
Privacy Rule – This Rule set national standards for the protection of patient health information. It addressed the three types of covered entities who conduct the standard health care transactions electronically.
- health plans,
- health care clearinghouses
- health care providers
Security Rule – This Rule sets national standards for protecting the confidentiality, integrity, and availability of electronic protected health information.
The Enforcement Rule provides standards for the enforcement of all the Administrative Simplification Rules.
Final Omnibus Rule implements a number of provisions of the HITECH Act. These strengthen the privacy and security protections for health information established under HIPAA. This helped to finalize the Breach Notification Rule.