The Health Insurance Portability and Accountability Act (HIPAA) was signed into law by Bill Clinton in 1996. However, it has undergone several substantial revisions, including the Breach Notification Rule in 2009, the Security Rule in 2003, and the HIPAA Privacy Rule in 2000.
HIPAA was first created to enhance the healthcare system and streamline the management of healthcare, but, over time, its parameters have subsequently been enlarged. It now addresses patient privacy, healthcare information uses and disclosures, and data protection.
Organizations exposed to protected health information (PHI) are required to have network, procedural, and physical security criteria in place and adhere to them to comply with HIPAA.