The Health Insurance Portability and Accountability Act (HIPAA) provides data privacy and safeguards for medical information. HIPAA applies to all healthcare providers that transmit health information in electronic form. The mandate protects individuals’ health information from being used or disclosed by covered entities. Covered entities are any organizations or corporations that directly handle protected health information.

Protected health information under HIPAA includes:

  • The patient’s name, address, birth date, and Social Security number.
  • An individual’s physical or mental health condition.
  • Any care provided to an individual.
  • Payment information that identifies the patient or could be used to identify the patient.