قانون أمريكي صدر عام 1996 يحدد معايير حماية سرية وأمن المعلومات الصحية ومعايير تبادل المعلومات بشكل إلكتروني، بالإضافة إلى أمور أخرى.
 

• HIPAA = Health Insurance Portability and Accountability Act
   
• Also known as Kassebaum-Kennedy Act, after the two senators who spearheaded the bill.
   
• Passed in 1996 to help people buy and keep health insurance, even when they have serious health conditions.
   
• It is the federal law which establishes standards for the privacy and security of health information, as well as standards for electronic data interchange (EDI) of health information.
   
• The Administrative Simplification (AS) provisions of HIPAA are intended to reduce the costs and administrative burdens of health care by making possible the standardized, electronic transmission of many administrative and financial transactions that are currently carried out manually on paper.

1. To make health insurance more portable when persons change employers.
2. To make the health care system more accountable for costs - To reduce waste and fraud.

It is the second goal that is of special interest to health care informatics professionals.

The general aim of A/S is to promote efficiency - through the use of information technology.

A/S is Title II, Subtitle F, of HIPAA, which gives HHS the authority:

• To mandate the use of standards for the electronic exchange of health care data (EDI);
   
• To specify what medical and administrative code sets should be used within those standards;
   
• To require the use of national identification systems for health care patients, providers, payers (or plans), and employers (or sponsors); and
   
• To specify the types of measures required to protect the security and privacy of personally identifiable health care information.

Broader use of computer systems increased concerns about misuse of patient's health information, hence the inclusion of privacy and security provisions as part of HIPAA along with EDI standards.