Health Insurance Portability and Accountability Act of
Summary of Administrative Simplification Provisions
Standards for electronic health
information transactions. Within 18
months of enactment, the Secretary of HHS is required to adopt standards
from among those already approved by private standards developing
organizations for certain electronic health transactions, including claims,
enrollment, eligibility, payment, and coordination of benefits. These
standards also must address the security of electronic health information
Mandate on providers and health plans,
and timetable. Providers and health
plans are required to use the standards for the specified electronic
transactions 24 months after they are adopted. Plans and providers may
comply directly, or may use a health care clearinghouse. Certain health
plans, in particular workers compensation, are not covered.
The Secretary is required to recommend privacy standards for health
information to Congress 12 months after enactment. If Congress does not
enact privacy legislation within 3 years of enactment, the Secretary shall
promulgate privacy regulations for individually identifiable electronic
Pre-emption of State Law.
The bill supersedes state laws, except where the Secretary determines that
the State law is necessary to prevent fraud and abuse, to ensure appropriate
state regulation of insurance or health plans, addresses controlled
substances, or for other purposes. If the Secretary promulgates privacy
regulations, those regulations do not pre-empt state laws that impose more
stringent requirements. These provisions do not limit a State's ability to
require health plan reporting or audits.
The bill imposes civil money penalties and prison for certain violations.