return to library home return to buffalo.edu

  • Find Library Materials
  • My Accounts
  • Get Help
  • Libraries & Collections
  • About Us
  • Ask A Librarian
Articles+ (Multi-Search) BISON Catalog Electronic Journals Course Reserves Databases Forms A-Z Resources by Subject
My Library Card Arts & Sciences - ILLiad Health Sciences - ILLiad Law - ILLiad
Help A - Z Research Tips Instructional Support Faculty Support Student Support Alumni & Visitor Support Endnote Software
Arts & Sciences Libraries Health Sciences Library Law Library Music Library Special Collections Digital Library Center Libraries Annex
Contact Us Hours / Floor Plans Policies & Services Staff Directory Library Administration Events & Workshops Library Exhibits Employment Support Our Libraries
chatInstant Message emailEmail phonePhone inpersonIn Person
Return to HSL Homepage
 
  star icon About HSL
divider
  star icon Collections & Resources
divider
  star icon HSL Services
divider
  star icon ILLiad Requests
divider
  star icon Biomedical Databases
divider
  star icon Subject Resources



Home > Libraries & Collections > Health Sciences > Collections & Resources >

HIPAA (Health Insurance Portability and Accountability Act): a guide to selected resources

Purpose: The purpose of this guide is to assist library users in locating materials on the Health Insurance Portability and Accountability Act of 1996 (also known as HIPAA).

Introduction to the Topic | Important Terms | Web Sites | Subject Headings
| Books | Videos | Online Databases | Journals

Introduction to the Topic:

The Health Insurance Portability and Accountability Act is "federal legislation whose primary purpose is to provide continuity of healthcare coverage. It does this partly by providing limitations on preexisting condition exclusions, as well as prohibiting discrimination against individuals based on health status. The law also guarantees that insured workers will be eligible to keep their insurance if they leave their jobs. It created the medical savings account (MSA) to help individuals pay for their health care. HIPAA also made amendments to other legislation, including the Employee Retirement Income Security Act (ERISA), the Internal Revenue Code (IRC), and the Public Health Service Act.

For many health care providers, however, HIPAA is mostly of interest because it contains a section on 'administrative simplification' that calls for sweeping new requirements for the electronic transmission of health information. It is that section that raises issues of who is a covered entity under HIPAA, who is a business associate (partner), and what is protected health information (PHI).

The passage of this legislation has also created a new interest in healthcare standards, since this law focuses on standards for data interchange in the areas of healthcare plans, claims and reimbursement."

Slee's Health Care Terms, Vergil N. Slee, 2001, 287-288

Return to Top

Important Terms:

Administrative simplification:
Title II, Subtitle F, of HIPAA, which gives HHS the authority to mandate the use of standards for the electronic exchange of health care data; to specify what medical and administrative code sets should be used within those standards; to require the use of national identification systems for health care patients, providers, payers (or plans), and employers (or sponsors); and to specify the types of measures required to protect the security and privacy of personally identifiable health care information. This is also the name of Title II, Subtitle F, Part C of HIPAA.

Business Associate:
A person or organization that performs a function or activity on behalf of a covered entity, but is not part of the covered entity's workforce. A business associate can also be a covered entity in its own right. Also see Part II, 45 CFR 160.103. (CMS Centers for Medicare & Medicaid Services Glossary http://cms.hhs.gov/glossary/)

Covered Entity (CE):
Under HIPAA, this is a health plan, a health care clearinghouse, or a health care provider who transmits any health information in electronic form in connection with a HIPAA transaction. Also see Part II, 45 CFR 160.103. (A HIPAA Glossary http://www.wedi.org/public/articles/HIPAA_GLOSSARY.pdf)

Electronic Data Interchange (EDI):
The exchange of routine business transactions via computer. EDI enforces a level of standardization in the way the electronically transmitted data is formatted, making it possible for a variety of different computer system [sic] to exchange data. The term is used in health care primarily in connection with claims and other financial transactions. (Slee's Health Care Terms, 4th ed., p. 220)

Employee Retirement Income Security Act (ERISA):
The Employee Retirement Income Security Act (ERISA) is a law that provides protections for individuals enrolled in pension, health, and other benefit plans sponsored by private-sector employers, including certain rights to information, as well as a grievance and appeals process for individuals to get benefits from their plan. The Department of Labor administers the law. (SC HIPAA Office http://www.hipaa.state.sc.us/glossary.htm)

Group Health Plan:
Under HIPAA this is an employee welfare benefit plan that provides for medical care and that either has 50 or more participants or is administered by another business entity. Also see Part II, 45 CFR 160.103. (A HIPAA Glossary http://www.wedi.org/public/articles/HIPAA_GLOSSARY.pdf)

Medical Savings Account (MSA):
A mechanism created in 1996 by HIPAA to help individuals provide funds for health care. It is a savings account set up for an individual under regulations and tax treatment similar to an individual retirement account (IRA). The cash in the account is available to pay for deductibles, copayments, and services not provided by the holder's insurance. Sometimes called a health IRA or medical IRA. (Slee's Health Care Terms, 4th ed., p. 380)

Preexisting conditions:
A physical or mental condition which has been discovered before an individual applies for health insurance. Insurers often deny insurance to individuals with certain preexisting conditions, or invoke a waiting period, or reject a group unless such individuals are excluded. (Slee's Health Care Terms, 4th ed., p. 495)

Protected Health Information (PHI):
Referring to health information that is 'electronically maintained or transmitted' by a covered entity. While this does not include traditional paper-based health information, this may turn out to be a very narrow exclusion in real life . . . Under proposed regulations flowing from HIPAA, such PHI includes not only all past, present, or future health (both physical and mental) information about an individual, but also information about whether any health care was even provided or paid for. (Slee's Health Care Terms, 4th ed., p. 508)

Return to Top

Web Sites:

AHA HIPAA Standards
http://www.hospitalconnect.com/aha/key_issues/hipaa/index.html

Centers for Medicare & Medicaid Services HIPAA Insurance Reform
http://cms.hhs.gov/hipaa/hipaa1/default.asp

Health & Human Services - Office for Civil Rights - HIPAA
http://www.hhs.gov/ocr/hipaa

Health Care Administrative Simplification
http://aspe.hhs.gov/admnsimp/index.shtml

Health Insurance Portability and Accountability Act (HIPAA)
http://www.ama-assn.org/ama/pub/category/4234.html

Health Insurance Portability and Accountability Act (HIPAA)
http://www.dol.gov/dol/topic/health-plans/portability.htm

HIPAAdvisory
http://www.hipaadvisory.com/

A HIPAA Glossary
http://www.wedi.org/public/articles/HIPAA_GLOSSARY.pdf

HIPAA Insurance Reform
http://cms.hhs.gov/hipaa/hipaa1/default.asp

HIPAA.ORG
http://www.hipaa.org

The HIPAA Privacy Rule and Research
http://privacyruleandresearch.nih.gov

New York State Office of Mental Health
http://www.omh.state.ny.us/omhweb/hipaa/hipaa_home.htm

Practice Brief: A HIPAA Privacy Checklist
http://library.ahima.org/xpedio/groups/public/documents/ahima/pub_bok2_000583.html

Protecting Personal Health Information in Research: Understanding the HIPAA Privacy Rule
http://privacyruleandresearch.nih.gov/pdf/HIPAA_Booklet_4-14-2003.pdf

QuadraMed's Internet Forum on HIPAA Preparedness
http://www.hipaa-iq.com/summary.htm

Return to Top

Subject Headings to Use for Further Searching in Databases and Catalogs:

Medical Subject Headings (MeSH)
Confidentiality
Ethics, Medical
"Health Insurance Portability and Accountability Act"
Managed Care Programs-organization & administration-United States
Medical Records
Medical Records Systems, Computerized
Privacy
Security Measures

Library of Congress Subject Headings
Health-Information services-Management-Moral and ethical aspects.
Managed care plans (Medical Care)-Management.
Medical records-access control
Medical records-Law and Legislation-United States
United States. Health Insurance Portability and Accountability Act of 1996.

Return to Top

Books:

Ethical Challenges in the Management of Health Information. Edited by Laurinda B. Harman. Gaithersburg, MD: Aspen Publishers, 2001.
W 26.5 E835 2001

HIPAA Compliance Handbook. Gaithersburg, MD: Aspen Publishers, 2006.
W 275 AA1 H6675 2001

HIPAA IT Essentials: Health Information Transactions, Privacy and Security. Rada, R. Baltimore, MD: Hypermedia Solutions, Ltd., 2001.
WX 173 R124h 2001

HIPAA IT Handbook: Strategies to Protect Health Information. Bogen, Jonathan D. Marblehead, MA: Opus Communications, 2002.
WX 39 B674h 2002

The HIPAA Handbook: What Your Organization Should Know about the Federal Privacy Standards. Edited by Dennis Melamed & Alexander J. Brittin. Washington, DC: URAC/American Accreditation HealthCare Commission, 2001.
WX 33.AA1 H667 2001

HIPAA Made Simple: A Practical Guide to Compliance. Amatayakul, Margaret K. Marblehead, MA: Opus Communications, 2001.
W 900 A487h 2001

HIPAA Plain and Simple: A Compliance Guide for Healthcare Professionals. Hartley, Carolyn P. Chicago: AMA Press, 2004.
WX 173 H332h 2004 (General Reference)

HIPAA Program Reference Handbook. Edited by Ross Leo. Boca Raton: Auerbach Publications, 2005.
WX 33 AA1 H56 2005 (General Reference)

HIPAA: A Short and Long-term Perspective for Health Care. Doscher, Michael. Chicago: AMA Press, 2002.
WX 33.AA1 D722h, 2002

Privacy and Confidentiality in Mental Health Care. Edited by John J. Gates and Bernard S. Arons. Baltimore, Md.: Paul H. Brookes Pub. Co., 2000.
WM 33.AA1 P961 2000

Privacy and Confidentiality of Health Information. Dennis, Jill Callahan. San Francisco, Calif.: Jossey-Bass: AHA Press, 2000.
WX 173 D411p 2000

Videos:

Get Hip to HIPAA: Teleconference, March 12, 2003. Medical Library Association. East Lansing, Mich.: MSU Libraries, 2003.
Videocassette VHS WX 173 G394 2003

HIPAA: A guide for Healthcare Workers. DeLair, Catherine E. and Carole H. Patterson. Cypress, CA: Medcom Trainex, 2003.
Videocassette VHS WX 33 AA1 H6675 2003

HIPAA: Privacy Compliance. Coastal Training Technologies Corp. Virginia Beach, VA: Coastal Training Technologies Corp., 2002.
Videocassette VHS WX 173 H6672 2002

Meeting the HIPAA Challenge: Implementing the HIPAA Administrative Simplifications. Phillips, Robin and Kim B. Pardue. Baltimore, MD: Medicare Learning Network, 2002.
Videocassette VHS WX 33 AA1 M495 2002

Check the UB Online Catalog for newly added items - UB Libraries Catalog

Return to Top

Online Databases:

MEDLINE
CINAHL (Cumulative Index to Nursing & Allied Health Literature)
ABI/Inform (Global)
EBSCOhost MasterFILE Select
Lexis-Nexis Academic

Return to Top

Journals:

The following is a list of journals owned by HSL that may have coverage of HIPAA:

AAOHN Journal
AORN Journal
American Journal of Nursing
Annals of Emergency Medicine
Healthcare Financial Management
Health Management Technology
Journal of AHIMA
Journal of Health Care Finance
Modern Healthcare
New England Journal of Medicine
Nursing Economics
Occupational Health & Safety
Postgraduate Medicine

Return to Top

Consult a reference librarian for more recommendations.

Edited and updated by Susan LaValley
Created by Michelle L. Zafron



divider
return to buffalo.edu Site Search  |  Terms of Use  |   UB Privacy Policy  |  Accessibility