The Health Insurance Portability and Accountability Act (HIPAA) 1996 focuses on the security of healthcare data. Healthcare data is sensitive for a number of reasons. Protecting and securing healthcare data is important to ensure patients get the right care (considering things such as pre-existing conditions or medication). Additionally, securing this data is important for protecting individuals from discrimination based on healthcare or genetic issues (or perceived issues) and protecting providers (and insurers, including the state) from identity theft and those resultant costs.

In this section, we will identify the data elements that are protected under HIPAA. This is specifically referenced in topic 3.7b of the 210–255 syllabus:

In this section, we need to consider the entities covered by HIPAA and the types of safeguards that must be in place.