HIPAA & Research

The federal Health Insurance Portability and Accountability Act (HIPAA) went into effect on April 14, 2003 to:

  • Insure the portability of insurance coverage as employees move from job to job
  • Increase accountability and decrease fraud and abuse in healthcare; and improve the efficiency of the health care payment process, while at the same time protecting a patient's privacy.

HIPAA applies to Covered Entities, defined by the privacy rule as:

  • A health care provider that conducts certain transactions in electronic form,
  • A health care clearinghouse,
  • A health plan, or
  • A business associate (person or organization) performing a function on behalf of the Covered Entity for which access to protected health information is needed

A researcher who obtains protected health information (PHI) from a Covered Entity (such as Scott & White) or creates new PHI through the Covered Entity will need to comply with the Privacy Rule (HIPAA).

Text Size