Patient’s Guide to HIPAA – Learning About HIPAA: What is HIPAA and Why Should You Care?





You are reading the Patient’s Guide to HIPAA, FAQ 4

HIPAA Guide Quick Links:


FAQ 4: What is HIPAA and Why Should You Care?

You can’t get very far into health privacy without running across the acronym HIPAA, which stands for the Health Insurance Portability and Accountability Act, a 1996 US federal statute. Although many people associate HIPAA just with health privacy, the Act actually covers many topics unrelated to privacy. The part of the Act relevant to privacy directed the Department of Health and Human Services to write a health privacy rule. The rule originally took effect on April 14, 2003. Some refer to it as the health privacy rule, the HIPAA rule, or just plain HIPAA. Other HIPAA rules also exist, but they don’t relate to health privacy. When we say HIPAA in this document, it means the HIPAA health privacy rule unless we state otherwise.

Another important part of HIPAA relevant here is the provision that requires the health care world to comply with security standards for medical information. This is the HIPAA security rule. HHS issued security standards under the authority granted by HIPAA. Responsibility for the security rule had been assigned to the Centers for Medicare & Medicaid Services (CMS), but it now belongs to the Office of Civil Rights at HHS. There’s a summary of the security rule at

We won’t cover the security rule in detail here because it is of interest primarily to health care providers and insurers who have to implement it. More at


Roadmap: Patient’s Guide to HIPAA: Part 1: Learning About HIPAA (FAQ 4 of 65)

Jump to list of FAQs 1-65 | See all of Part 1