HIPAA Library

HIPAA Background

Oregon hospitals and health systems understand the need for privacy of patient health information. Hospitals have always had systems in place to protect the privacy of that information. In 1996, Congress passed legislation that significantly altered how health care providers, health systems and health plans go about protecting the confidentiality of personal health information. Driven by concerns about increasing use of electronic transactions, the Health Insurance Portability and Accountability Act (HIPAA) calls for new safeguards to protect the privacy and security of patient information. The Act also includes provisions requiring use of industry-wide standard codes and data sets for certain administrative and financial transactions.

In response to congressional action, the Health Care Financing Administration issued extensive and complex administrative rules implementing the privacy and transactions standards. While OAHHS can provide information about the Transactions Standards, the focus of the HIPAA Compliance Guidelines are on the privacy regulations and on the security regulations as they relate to compliance with the privacy standards.

The HIPAA Compliance Guidelines are intended to be a living document. As we build on the information available on this page, we welcome suggestions, requests for information or questions about the law.

For more information, visit www.hhs.gov/ocr/privacy.

HIPAA Library

Business Associate Agreements Common Disclosures Disclosure of Decedent's Records
Disease Management Enforcement HIPAA and Law Enforcement
HIPAA Compliance Guidelines: Summary Minimum Necessity Requirement Organized Health Care Arrangements
Parents and Minors Patient Rights Personal Representatives
Privacy Notice Requirements Psychotherapy Notes, HIV/AIDS, Drugs/Alcohol Release of Patient Condition/Location
Subpoenas What Information is Protected Who Must Comply?


These HIPAA resources are provided to assist health care providers in complying with the HIPAA privacy and security regulations. The information on this page is provided solely for general instructional purposes and does not create a business or professional services relationship. While all reasonable attempts are made to ensure the accuracy and timeliness of all information, the Oregon Association of Hospitals and Health Systems does not make any express or implied representations or warranties about the accuracy or timeliness of this information for any purpose or the suitability of this information for use. The information is provided with the understanding that the publisher is not engaged in rendering legal or other professional services. This page may contain links to other web sites operated by third parties. OAHHS is not responsible for any content that appears on the linked sites.

By accessing this page, you acknowledge that you have both read this disclaimer and understood its terms.


Policy Team

Sean Kolmer, MPH
Senior Vice President of Policy & Strategy

Danielle Meyer, MSS
Director of Public Policy

Rebecca Pawlak, MPH
Director of Public Policy