What is HIPAA?
On August 23, 1996, President Clinton signed into law the Health Insurance Portability and Accountability Act (HIPAA) of 1996. The law is meant to:
- Reduce the costs and administrative burdens of health care by standardizing electronic transmission of certain healthcare transactions (also called Administrative Simplification)
- Assure that medical records and other individually identifiable health information are private
- Assure that medical records and other individually identifiable health information are secure
What Information Is Protected?
Every form of individually identifiable health information about patients is considered Protected Health Information (PHI). This information can be in any form (electronic, paper, oral, contained on a physician’s PDA, etc.). PHI consists of, but is not limited to:
- Name
- Address (except for state or, in some cases, zip code)
- Social Security Number
- Birth date
- Date of service
- Date of discharge
- Telephone number
- Device ID
Am I affected?
There are 2 main types of organizations affected:
- Covered Entities - Any healthcare provider, health plan or clearinghouse that electronically transmits medical information such as eligibility, enrollment, billing or status. Covered entities include medical practices (including solo practices), rehab centers, public health authorities, insurance agencies, hospitals and clinics, employers, nursing homes, and some vendors, service organizations and universities.
- Business Associates - Any organization that receives PHI from a Covered Entity is subject to HIPAA compliance. Examples include CROs and CRAs (who receive patient information about those enrolled in clinical trials). HIPAA requires Covered Entities to verify that their Business Associates and partners have privacy and security measures in place to avoid accidental or intentional disclosure of PHI.
What Does That Mean to Me?
- By April 14, 2003, you must be compliant with the security and privacy laws
- By October 16, 2002, you must be compliant with the transaction standards if you process healthcare claims (you have until October 2003 if you registered for an extension)
What Do I Do to Become Compliant?
Contact G & G Technologies immediately! We offer:
- HIPAA Readiness Assessments - we can work with you to quickly determine what steps you must take to be compliant
- HIPAA Awareness Seminar - an overview of HIPAA
- 3rd Party Tools for:
  - Employee Training - to teach your staff what they must do to comply with the privacy rules
  - HIPAA Privacy - to document procedures and policies and to assure HIPAA governing authorities that these procedures and policies are in place and that employees have been properly trained on them