Health Insurance Portability and Accountability Act (HIPAA)

NACO Countyline Articles

Overview of HIPAA - Counties Must Begin to Prepare (July 2002)
HIPAA Compliance Deadlines Upcoming; Information Available on NACO Web Site (August / September 2002)


Record Nations History on HIPAA


HIPAA (Public Law 104-191)
Code of Federal Regulations (Cornell's Legal Information Institute)
HIPAA for Professionals
HIPAA Glossary
Centers for Medicare and Medicaid Services (CMS)
U.S. Department of Health and Human Services - Office for Civil Rights
Medicare Learning Network

State Association Sites

National Committee on Vital and Health Statistics (NCVHS)
Workgroup for Electronic Data Interchange (WEDI)
Designated Standards Maintenance Organization (DSMO)
Health Level Seven (HL7) [standards for claims attachments]
Washington Publishing Company (WPC)  [provides implementation guides]
Public Health Data Standards Consortium (PHDSC)
National Council for Prescription Drug Programs (NCPDP)
Health Privacy Project

Security Information

SANS.org (security-related information)
Model Security Policies - [Including but not limited to acceptable encryption policy, acceptable use policy, analog/ISDN line policy, anti-virus process, audit policy, dial-in access policy, extranet policy, information sensitivity policy,  internal lab security policy, password protection policy, remote access policy, risk assessment policy, virtual private network (VPN) policy]

May a covered entity collect, use, and disclose criminal justice data under HIPAA?