Health Insurance Portability and Accountability Act (HIPAA)

Additional HR Resources

Employee Health Plans
Hands-on advice for benefits, including consumer-driven health care

COBRA Compliance
How to comply with COBRA without getting bit

HIPAA Compliance
How to avoid expensive violations and penalties and small plan compliance

HIPAA Portability Regulations
Portability definitions, including "dependent" and "pre-existing condition"

Plans Under $5 Million
Answers to crucial questions related to HIPAA regulations

Employment Law in Your State
Where your state lawmakers and fellow employers stand

Federal Employment Law
Advanced warning on upcoming federal regulations and legislation

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that imposes portability, nondiscrimination, and certain other requirements on employer-sponsored health plans. There are also regulations covering how employers must protect employees’ medical privacy rights as well as the electronic disclosure of employees’ medical information.

HIPAA also requires you to cover employees’ and their dependents’ preexisting health conditions under certain circumstances, as well as to protect the privacy of health information.

HIPAA privacy regulations

The Act’s regulations prescribe the permitted uses and disclosures of individually identifiable health information by certain entities, including employers that have access to employee health information. In addition, the Americans with Disabilities Act (ADA) requires employers to keep confidential medical information in a file separate from all other employment or personnel files.

HIPAA nondiscrimination rules

The Act prohibits discrimination in group health plans in two areas: (1) eligibility to enroll in the plan and (2) premium rates. In general, HIPAA prohibits a plan from establishing eligibility rules or imposing a higher premium rate than the premium for similarly situated individuals based on a “health status-related” factor.

Such factors include health status, medical condition, claims experience, receipt of health care, medical history, genetic information, evidence of insurability (including conditions arising out of acts of domestic violence), and disability.

View all HR topics

Related articles on HIPAA from the State Employment Law Letters
designates additional valuable resources available exclusively to Employment Law Letter subscribers

Is your wellness program well? It's time for a HIPAA checkup: Oklahoma Employment Law Letter, June 2008
Don't let your employee wellness programs interfere with your company's good health: West Virginia Employment Law Letter, March 2008
Wellness programs: How to comply with new HIPAA rules without getting sick: NevadaEmployment Law Letter, October 2007
Violating company policy isn't always legitimate justification for termination: MaineEmployment Law Letter, August 2007
Wisconsin residents must be notified when third parties acquire personal information: Wisconsin Employment Law Letter, June 2007
HIPAA wellness regulations to take effect: Federal Employment Law Insider, May 2007
ERISA, visas, and HIPAA, oh my!: Georgia Employment Law Letter, April 2006

HR Tools for HIPAA

HR Executive Special Report - How to Evaluate & Manage Employee Health Plans
(available for purchase by nonsubscribers)
HR Executive Special Report - How to Comply with COBRA Without Getting Bit
(available for purchase by nonsubscribers)
Sample Policy - Eligibility for Benefits
Sample Policy - Health and Welfare Benefits
Sample Policy - Continuation of Health Benefit Coverages