What is HIPAA?
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) required the U.S. Department of Health and Human Services to issue regulations governing health care entities that engage in electronic health care transactions. HIPAA regulations apply both to the form of electronic health care transactions and the privacy of patient information.
- Searchable Answers and FAQ for professionals: U.S. Department of Health and Human Services (a good place to start): www.hhs.gov/hipaafaq/
- The general HIPAA information page of U.S. Department of Health and Human Services Office of Civil Rights (another good starting point): www.hhs.gov/ocr/hipaa/
- State law (Chapter 181 of the Health and Safety Code) regulating privacy of protected health information and other personal identifying information. Requires staff training and provides for 15 day response to request for electronic copy of patient records: https://tob.texas.gov/protected-health-information-house-bill-300/
- Texas Attorney General Protected Health Information general information page: https://www.texasattorneygeneral.gov/cpd/state-and-federal-health-privacy-laws
- HHS Centers for Medicare and Medicaid Services general HIPAA information page: www.cms.gov/Regulations-and-Guidance/Administrative-Simplification/HIPAA-ACA/index.html
- Identification number (NPI Number) required for all providers under HIPAA regulations beginning in 2007: www.cms.hhs.gov/NationalProvIdentStand/
Interpretation of Regulations
The HIPAA regulations are federal regulations enforced and interpreted primarily by the U. S. Department of Health and Human Services, although the Texas Attorney General and the Optometry Board have an enforcement role. Therefore the Optometry Board is usually not in a position to interpret these far reaching federal regulations. Using the links on this page should answer almost all questions.
Are You Subject to HIPAA Regulations?
Optometrists may be in the class of health care providers that must comply with HIPAA regulations — depending on whether payment or records are transmitted electronically. The website of
Centers for Medicare and Medicaid Services (CMS) of the U.S. Department of Health
& Human Services, has a guide to assist in making the determination of whether a practice is
subject to HIPAA. Note, however, that sections of Chapter 181 of the Texas Health and Safety Code make state law regarding protected health information applicable to all health care providers.
Licensees may want to consult the federal government websites listed on this page, state professional associations, national professional associations, seminars, or private attorneys to determine whether their practice is subject to HIPAA regulations and what steps must be taken to comply.
Chapter 181 of the Health and Safety Code (as amended by House Bill 300) is the state law that governs privacy of patient information. Use this link for a page discussing state law with links to several references.