Develop a SART
skip navigation 

Health Insurance Portability and Accountability Act

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) establishes national standards for the protection of individually identifiable health information created or held by health care providers, health insurance companies, and health clearinghouses. Congress recognized that improvements in electronic transactions, with a shift away from paper records, had the potential to erode the privacy of personal medical information.


  • Gives patients more control over their own health information.
  • Sets boundaries on the use and release of health records.
  • Establishes safeguards that most health care providers must institute to protect a patient's health information.
  • Allows civil and criminal penalties to be imposed on covered entities that violate the rule.
  • Allows for disclosure of protected health information for public health, safety, and law enforcement purposes.
  • Enables patients to make informed choices and know how and when their protected health information is used and to whom it goes.
  • Limits the release of protected health information to the minimum number of people necessary for the purposes of the disclosure.

Read on for information about—