wpe3.jpg (24586 bytes)

Home

HIPAA Overview

Questions and Issues

Implementation Outline

HIPAA Penalties

HIPAA LAW

Statute

Public Law 104-191 (Health Insurance Portability and Accountability Act of 1996)

PART 142 – Security and Electronic Signature Standards

PART 160 – General Administrative Requirements

PART 162 – Transactions and Code Sets

PART 164 – Security and Privacy

 

The proposed Privacy Rules Revision can be found in PDF format here.

Public Law 104-191 (Health Insurance Portability and Accountability Act of 1996)

Subtitle F--Administrative Simplification

Sec. 261. Purpose.

Sec. 262. Administrative simplification.

Part C--Administrative Simplification

Sec. 1171. Definitions.

Sec. 1172. General requirements for adoption of standards.

Sec. 1173. Standards for information transactions and data elements.

Sec. 1174. Timetables for adoption of standards.

Sec. 1175. Requirements.

Sec. 1176. General penalty for failure to comply with requirements and standards.

Sec. 1177. Wrongful disclosure of individually identifiable health information.

Sec. 1178. Effect on State law.

Sec. 1179. Processing payment transactions.".

Sec. 264. Recommendations with respect to privacy of certain health information.

Part 142 - Security and Electronic Signature Standards

Subpart A – General Provisions

142.101 Statutory basis and purpose.

142.102 Applicability.

142.103 Definitions.

142.104 General requirements for health plans.

142.105 Compliance using a health care clearinghouse.

142.106 Effective dates of a modification to a standard or implementation

         specification.

Subpart B--Reserved

Subpart C--Security and Electronic Signature Standards

142.302 Applicability and scope.

142.304 Definitions.

142.306 Rules for the security standard.

142.308 Security standard.

142.310 Electronic signature standard.

142.312 Effective date of the initial implementation of the security and

              electronic standards.

Authority: Sections 1173 and 1175 of the Social Security Act (42 U.S.C. 1320d-2 and 1320d-4).

PART 160 – GENERAL ADMINISTRATIVE REQUIREMENTS

Subpart A – General Provisions

160.101  Statutory basis and purpose.

160.102  Applicability.

160.103  Definitions.

160.104  Modifications.

Subpart B – Preemption of State Law

160.201  Applicability.

160.202  Definitions.

160.203  General rule and exceptions.

160.204  Process for requesting exception determinations.

160.205  Duration of effectiveness of exception determinations.

Subpart C – Compliance and Enforcement

160.300  Applicability.

160.302  Definitions.

160.304  Principles for achieving compliance.

160.306  Complaints to the Secretary.

160.308  Compliance reviews.

160.310  Responsibilities of covered entities.

160.312  Secretarial action regarding complaints and compliance reviews.

Authority: Sec. 1171 through 1179 of the Social Security Act, (42 U.S.C. 1320d-1329d-8) as added by sec. 262 of Pub. L. 104-191, 110 Stat. 2021-2031 and sec. 264 of Pub. L. 104-191 (42 U.S.C. 1320d-2(note)).

PART 162 - TRANSACTIONS AND CODE SETS

Subpart A – General Provisions

162.100 Applicability.

162.103 Definitions.

Subparts B-H--[Reserved]

Subpart I--General Provisions for Transactions 

162.900 Compliance dates of the initial implementation of the code sets and transaction standards. 

162.910 Maintenance of standards and adoption of modifications and new standards. 

162.915 Trading partner agreements. 

162.920 Availability of implementation specifications. 

162.923 Requirements for covered entities. 

162.925 Additional requirements for health plans. 

162.930 Additional rules for health care clearinghouses. 

162.940 Exceptions from standards to permit testing of proposed modifications.

Subpart J--Code Sets 

162.1000 General requirements. 

162.1002 Medical data code sets. 

162.1011 Valid code sets. 

Authority: Secs. 1171 through 1179 of the Social Security Act (42U.S.C. 1320d--1320d-8), as added by sec. 262 of Pub. L. 104-191, 110Stat. 2021-2031, and sec. 264 of Pub. L. 104-191, 110 Stat. 2033-2034(42 U.S.C. 1320d-2 (note)).

PART 164 – SECURITY AND PRIVACY

The proposed Privacy Rules revision can be found in PDF format here.

Subpart A – General Provisions

164.102  Statutory basis.

164.104  Applicability.

164.106  Relationship to other parts.

Subparts B-D – [Reserved]

Subpart E – Privacy of Individually Identifiable Health Information

164.500  Applicability.

164.501  Definitions.

164.502  Uses and disclosures of protected health information: general 

               rules.

164.504  Uses and disclosures: organizational requirements.

164.506  Consent for uses or disclosures to carry out treatment, payment,

               and health care operations

164.508  Uses and disclosures for which an authorization is required.

164.510  Uses and disclosures requiring an opportunity for the individual

               to agree or to object.

164.512  Uses and disclosures for which consent, an authorization, or

               opportunity to agree or object is  not required.

164.514  Other requirements relating to uses and disclosures of protected

               health information.

164.520  Notice of privacy practices for protected health information.

164.522  Rights to request privacy protection for protected health

                information.

164.524  Access of individuals to protected health information.

164.526  Amendment of protected health information.

164.528  Accounting of disclosures of protected health information.

164.530  Administrative requirements.

164.532  Transition requirements.

164.534  Compliance dates for initial implementation of the privacy

               standards.

Authority: 42 U.S.C. 1320d-2 and 1320d-4, sec. 264 of Pub. L. 104-191, 110 Stat. 2033- 2034(42 U.S.C. 1320(d-2(note)).