HIPAA stands for Health Insurance Portability and Accountability Act. It is a federal law passed in 1996 as an attempt at further health care reform, and experts consider it to be Medicare's main health care bill in 1965.
HIPAA compliance support intends to reform the healthcare business by reducing expenses, simplifying organizational processes and burdens, and improving the confidentiality and security of patient information. Two separate and distinct laws fall under the HIPAA umbrella: HIPAA privacy and HIPAA security.
Image Source: Google
HIPAA Privacy relates to the protection and privacy of individuals' protected health information (PHI) while HIPAA security relates to the protection and privacy of individuals' protected health information in electronic form (ePHI).
HIPAA privacy is what most of us think of when we hear the term HIPAA (HIPAA awareness training, privacy practice advice, authorization forms, etc.), whereas HIPAA security is the focus of IT, electronic security, disaster recovery, etc.
HIPAA compliance has two main components: one is the training of HIPAA employees and the other is the implementation processes, procedures, and forms related to HIPAA.
While many of the regulations at HIPAA may seem plausible, imagine that they only provide some level of standardization so that people and organizations care about what is expected of each other.
HIPAA compliance doesn't have to be a complicated process, and once set up, maintenance can be relatively low.