Girl standing triumphantly by a lake surrounded by mountains
Home » HIPAA 101: A Short History of HIPAA

HIPAA 101:  A Short History of HIPAA

Most people know HIPAA – or, at least, the sound of the word.  We’ve all met staff people in doctors’ offices who ask us to sign a HIPAA form.  But what is HIPAA, really?  This short history of HIPAA and related legislation highlights the issues of patient privacy and sharing information with caregivers.

Listen to "HIPAA 101: A Short History of HIPAA"

HIPAA:   The dawn of federal patient privacy legislation

HIPAA stands for the Health Insurance Portability and Accountability Act of 1996.  Congress initially created this federal law to help people keep health insurance coverage as they moved between jobs.  The first HIPAA legislation also addressed pre-existing medical conditions.  In addition, it took aim at waste, fraud, and abuse in health systems.

Sunrise over a lake, representing the creation of HIPPA for Caregivers

A few years after that, in 2003, Congress added the Privacy Rule to HIPAA.  The Privacy Rule defines Protected Health Information (PHI) as “health status, the provision of healthcare, or payment for healthcare that can be linked to an individual.”  You can find PHI in records held by “covered entities.”  HIPAA uses the term “covered entities” to mean any business governed by HIPAA.  Examples of such businesses are doctor’s offices and companies that bill for hospitals.  The Privacy Rule limits the situations where covered entities may disclose PHI.

Later, in 2006, the Enforcement Rule roared onto the scene.  It gave teeth to the United States Department of Health and Human Services (HHS).  Under that rule, HHS can fine covered entities for violating the Privacy Rule.

More recent legislation about mental health and HIPAA

Fast forward a decade.  In 2016, Congress passed the 21st Century Cures Act.  Within that law, one section stresses the importance of compassionate communication during mental health crises.  What is compassionate communication?  It is doctors talking with patients’ families.  Also, that same section charged HHS with creating more resources explaining when doctors may involve families in medical discussions.  As a result, a lot of pdfs and webpages on this subject exist!  As a matter of fact, you can find them on our Resources page.

“… for the sake of the health and safety of persons with serious mental illness, more clarity is needed surrounding the existing HIPAA privacy rule to permit health care professionals to communicate, when necessary, with responsible known caregivers of such persons, the limited, appropriate protected health information of such persons in order to facilitate treatment…”

21st Century Cures Act

Looking for More?  Our Pages Contain Everything You Need

Now that you’ve gotten your short history of HIPAA, do you want to learn more about caregivers and patient privacy?  For your convenience, we offer three options, going from less detailed to more detailed:

    • Five Important Facts about communication with your loved one’s care team are listed on our homepage.  They are critical points about HIPAA to know, especially during a mental health crisis. A downloadable pdf containing the information is also available.
    • More detailed information is in our FAQs page.  The answers reference the public documents that provide the information.
    • If you want to know absolutely everything, check out our Resources page. It connects you to the pdfs and webpages.  Mainly, the resources are from the United States government.   They all relate to mental health and compassionate communication.