Health Client Alert: HIPAA Compliance Regulations Now in Effect
4/15/2003
The regulations regarding the privacy of individually identifiable health information (the "Privacy Regulation") promulgated under the Health Insurance Portability and Accountability Act (HIPAA) officially went into effect on Monday, April 14, 2003. The Privacy Regulation covers health plans, health care clearinghouses, and those health care providers who conduct certain financial and administrative transactions electronically. These entities (collectively called "covered entities") are bound by the Privacy Regulations even if they contract with others (called "business associates") to perform some of their essential functions. To ensure that business associates also take appropriate steps to protect the protected health information (PHI) to which they have access, HIPAA requires that covered entities enter into so-called "business associate agreements" with their business associates. The Privacy Regulation also imposes on covered entities a number of other obligations, including appointment of a Privacy Officer, development of policies and procedures, and training of the workforce.
