It's rare that a piece of legislation still hits the headlines almost 15 years after it was first enacted. With the obvious exception of our anti-terror legislation, it's unusual for our laws make the news quite so often. Mostly they get passed, enjoy a headline or two, maybe a bit of controversy, then rapidly get forgotten about by all except those who have to enforce it, comply with it or defend against it. HIPAA email compliance laws are different, HIPAA itself still enjoys a significant public profile as elements are debated, the laws are enhanced and companies still struggle to comply.

The Health Insurance Portability and Accountability Act is a federal statute first enacted in 1996 in order protect our medical records. It was becoming obvious that there was no framework in place to protect our confidential medical data from insurance companies, data mining and unauthorized sharing, so this act was drawn up to address it. The Act itself covers many aspects of medical care and the handling of the necessary records and information. It provides a framework of protection that pretty much says organizations that deal with your medical information have to look after it, not share it and never, ever lose it.

There are many rules provided under the act and they are the Enforcement Rule, the Privacy Rule, Security Rule, Transactions and Code Sets Rule and the Unique Identifiers rule. The legislation itself is huge, and only a highly skilled lawyer is going to know it well. The rules that mostly pertain to our daily lives are the Privacy Rule and the Security Rule.

The Privacy Rule stipulates that your medical information has to be kept secure and only shared with those entities that have a specific need for that data. Some of those would include your medical insurer, physician, clinics, treating hospitals and other supporting organizations directly affecting your health or medical treatment. As much information is transferred electronically now, there are specific HIPAA email compliance rules that need to be followed in order to stay compliant.

The Security Rule deals with the storage of your data and compels anyone who comes into contact with your medical data to behave in a certain way. The workplace that the records are stored and accessed must be secure, the staff have to be vetted, trained and aware of the consequences of not complying. The data must be stored securely, have access controls, and must be disposed of in a secure, approved way once finished.

HIPAA email compliance is but a small part of HIPAA but plays a significant part of the day-to-day enforcement of the legislation. With the increasing reliance on email as an efficient medium for transmitting information, it was essential to have this covered under HIPAA, but don't be mistake for thinking it only covers electronic information. These rules cover your medical information in any form be that paper, film, audio or electronic.