Since the early 2000s, health care privacy has mainly meant the Health Insurance Portability and Accountability Act. This has always been a little misleading.
The HIPAA statute focused on health insurance portability and standard electronic transactions, with privacy mainly an undefined afterthought. It was clear at the time that the HIPAA privacy rule crafted by the Department of Health and Human Services was of important but limited applicability. It applied to specific entities, those involved in portability and standard transactions, for certain information in certain situations. It was never intended as an overall health information privacy law.
Click here to continue reading.
Originally published by IAPP on 20 March 2025.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
