Health Insurance Portability and Accountability Act

Standard brief

HIPAA is the Health Insurance Portability and Accountability Act of 1996, a law intended to make it easier for people to keep their health insurance when they change jobs. The law set standards for the electronic exchange of patient information, including protecting the privacy of such records. The U.S. Department of Health and Human Services issued the Privacy Rule to implement that aspect of the law, and its Office of Civil Rights is in charge of enforcing it. Its primary goals are to make it easier for people to keep health insurance, protect the security and confidentiality of private healthcare information, and help the healthcare industry control administrative costs.



  • Fosters a culture of compliance and a common understanding of “the right way” to handle patient information.
  • Ensures that every member of a healthcare organization understands the practices necessary to protect both the privacy and security of patients’ information and thus create a ‘human firewall’ against a data breach.
  • Teaches staff that protecting patients’ PHI is just another aspect of keeping patients safe – as important as infection control, fall prevention, and medication safety measures.
  • Promotes careful handling of PHI to improve patient satisfaction and increase the HCAHPS (Hospital Consumer Assessment of Healthcare Providers and Systems) score.
  • Increases healthcare providers’ awareness and provides specific instruction about how to keep patients’ records safe.
  • Eliminates providers’ need to choose between speed of communication and legal risk by sharing PHI in accordance with HIPAA regulations.
  • Reduces executive and organizational liability.
  • Protects the organization and staff from personal liability. Staff training is required by law.
  • Allows for positive differentiation among competitors, as HIPAA-compliant practices are more secure with respect to patient information.
  • Helps build a foundation for future technology implementations.
  • Proactively helps organizations avoid expensive add-on security measures.
  • Reduces medical errors, increases patient satisfaction and trust, improves quality of care, and creates operational efficiencies.


  • HIPAA Privacy Rule
  • Individually Identifiable Health Information
  • HIPAA Security Rule
    • Technical Safeguards
    • Physical Safeguards
    • Administrative Safeguards
  • PHI: Protected health information
  • ePHI: Electronic protected health information
  • PII: Personally identifying information
  • Audit Trail
  • Covered Entities



European Assessment and Certification Ltd.
19, Layton Crescent, Slough, SL38DP, UK.
Company Number 12819256

+44 7471 048859
