Press Home Page > Fact Sheets > HIPAA FAQS


What is HIPAA?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) was created to ensure the portability of health insurance, reduce healthcare fraud, guarantee the privacy and security of health information, and standardize healthcare industry transactions.

Who does HIPAA affect?

  • Health insurance companies and their business associates
  • Healthcare clearinghouses
  • Physicians
  • Hospitals
  • Group Health Plans
  • Patients

What does HIPAA do?

  • Protects health insurance coverage for groups and individuals experiencing such events as changing or losing a job, pregnancy or divorce. Also protects people from loosing healthcare coverage due to a new diagnosis or being permanently denied coverage due to a preexisting condition.
  • Establishes national standards for electronic healthcare transactions.
  • Ensures the protection of protected health information (PHI).

What does HIPPA NOT do?

  • HIPAA does not require employers to offer health insurance, regulate the cost of healthcare coverage, regulate the types of benefits offered, or provide protection when a person changes from one type of healthcare coverage to another.

How does HIPAA simplify electronic transactions in healthcare?

  • Requires health plans to use one national standard electronic format and set of codes to exchange information.

How does HIPAA protect PHI?

  • Ensures that PHI is not used for non-healthcare purposes.
  • Gives members the right to obtain a copy of their health records, request corrections and find out how their PHI is being disclosed.
  • Requires healthcare providers and insurers to provide patients with a written explanation concerning how they are using and disclosing the patients' PHI.
  • Limits use and disclosure of PHI to the minimum necessary to carry out the intended purpose of the use or disclosure.

What is Oxford doing to comply with HIPAA Regulations?

  • Commissioned consultants and external firms to conduct analyses of the company's current privacy policies and electronic transactions in order to ensure compliance with HIPAA regulations.
  • Continuously reviews and updates policies and procedures according to HIPAA guidelines.
  • Established teams of business personnel to restructure policies and procedures to fully support HIPAA.
  • Created a full-time HIPAA implementation team to manage the company-wide implementation process.
  • Communicated HIPAA regulations and policies to employees through internal newsletters and Intranet site. All employees also received specialized HIPAA training.