It regulates the creation and handling of personal health care information. It protects the way patients medical information is stored and shared. According to this scenario patient medical records and other data should meet HIPAA standards. Its original purpose was to protect people from losing their health insurance if they change jobs or have pre existing health conditions. It helps reduce the cost and administrative burdens of health care transactions.

In-order to be HIPAA compliant you must do the following :

• Analyze the vulnerability of patients medical record that are stored
• Make sure that all health information/PHI is encrypted
• Create and implement policies to address PHI that has been stolen
• Only work with partners and vendors that can assure the security of your patients information
• Give patients electronic access to their medical records
• Protect patient information from insurance providers if procedures are paid for out of pocket
• Share the privacy policy with patients via individual communication, posts, mails or post it on the website