A U.S. law passed to create national standards for electronic healthcare transactions, among other purposes. HIPAA required the U.S. Department of Health and Human Services to promulgate regulations to protect the privacy and security of personal health information. The basic rule is that patients have to opt in before their information can be shared with other organizations—although there are important exceptions such as for treatment, payment and healthcare operations.

Link to text of law: The Health Insurance Portability and Accountability Act

Acronym(s): HIPAA

Related terms: HITECH, The Privacy Rule, The Security Rule