Congress passed the Health Insurance Portability and Accountability Act (HIPAA) in 1996 to reform health care. HIPAA's administrative simplification standards are intended to streamline industry inefficiencies, reduce paper work, and protect the privacy of individual health information. There are three components to HIPAA's administrative simplification standards:

  • Security Standards—Compliance deadline for small health plans was April 21, 2006
  • Privacy Standards—Compliance deadline for small health plans was April 14, 2004
  • Electronic Data Interchange (EDI) Standards—Compliance deadline was October 2003

Most cities with employer-sponsored health plans will need to comply with certain aspects of the security and privacy rules, as well as any business associates that work with the city on its group health plans, such as third party administrators and/or the city's agent, broker, and/or benefits consultant.

HIPAA compliance resources

The League, in cooperation with Darcy Hitesman of HaynesHitesman law firm, has developed a number of tools to help member cities with HIPAA compliance activities—especially as it relates to the privacy and security rules.

Return to Benefits page