What is HIPAA?

HIPAA, the Health Insurance Portability and Accountability Act, is a federal law that was passed in 1996 and updated in 2013 with the Final Omnibus Rule Update. Among other things, HIPAA outlines the requirements for the management, storage, and transmission of protected health information (PHI) in both physical and digital form. And while the original legislation pre-dates the rise of the commercial Internet (and the iPhone by a decade), its rules govern the use of this special type of personal data by applications on the web and mobile devices.

HIPAA was initially created to help the public with insurance portability. Back in the day you couldn’t easily switch insurances if you didn’t like the coverage or doctors that provided services under that insurance. It was a huge pain getting your medical records from one practitioner to another. Along with portability came privacy concerns, so lawmakers built in a series of privacy tools and requirements to protect healthcare data.

As HIPAA is a twenty year old piece of legislation that was written in a world without smartphones, tablets, and even email, it is full of requirements that are confusing and challenging. Software developers have to make sense of this legislation as it relates to their product.

Here is an easy-on-the eyes checklist that outlines all of the rules that HIPAA requires.

You can view more information about HIPAA at the department of Health and Human Services website.