HIPAA & PHI Articles

HIPAA stands for the Health Insurance Portability and Accountability Act, and it governs how health care providers, employers, insurance companies, and all other entities that handle protected health information (PHI) must protect that information. PHI is any information about a patient’s health or treatment that can be used to identify them. 

When you provide services as an independent provider, you are considered a business associate of the entity that hires you to perform those services. This means that they are responsible for ensuring your compliance with HIPAA’s requirements. In some cases, your independent practice may qualify as a “covered entity” under HIPAA—and if so, then you will have additional responsibilities of your own to fulfill (such as setting up a privacy officer). 

The goal of HIPAA is to ensure that patients’ health information is kept private except when necessary for treatment purposes or other legitimate reasons such as billing purposes or research purposes.