HIPAA Compliance Program, Office of Compliance and Regulatory Affairs, Compliance Office 210-567-2014, ComplianceLine 1-877-507-7317

Overview of HIPAA


What is HIPAA?

It is a federal law titled the Health Insurance Portability and Accountability Act.


Which federal agency oversees HIPAA compliance?

The Department of Health and Human Services (HHS), Office of Civil Rights (OCR).


Why was HIPAA established?

  • To protect employees' insurance when they lost or changed jobs.
  • To protect the privacy and security of patients' health information.
  • To adopt national standards for electronic health care transactions.
  • To improve the efficiency and effectiveness of the health care system.


What do the HIPAA regulations do for health care?

  • Protects patients' rights regarding their health information, including the right to review it and make decisions about how it is used and disclosed.
  • Provides for appropriate use and disclosure of patients' health information.
  • Requires health care providers to implement safeguards to ensure privacy of patients' health information.


On what exactly do the privacy regulations focus?

  • Individually identifiable information, which means it identifies the patient or could be used to identify the patient.
  • Paper or electronic patient medical or health records.
  • Patient information exchanged verbally.
  • Information relating to the past, present, or future physical or mental condition of an individual.
  • Research data that identifies individual patients.
top of page