Overview
As healthcare IT grows, so does the need for federally compliant infrastructure to process and store electronic protected health information (ePHI), which is protected by the Health Insurance Portability and Accountability Act (HIPAA).
HIPAA infrastructure must meet evolving standards
HIPAA was passed in 1996 to allow United States citizens to keep their health insurance when they changed employment (the P in HIPAA, portability) while safeguarding their health records (the first A in HIPAA, accountability). Under the law, healthcare providers, plans, and data clearinghouses (called covered entities by HIPAA) were given guidelines they had to follow in order to achieve HIPAA compliance and avoid violations. These covered entities were expected to sign contracts with all of their business associates (BAs), the service providers that handled their patient information. The contracts themselves were called business associate agreements (BAAs).