HIPAA, HITECH, and OSHA and How They Impact Healthcare in the United States: A Summary


HIPAA stands for the Health Insurance Portability and Accountability Act of 1996 1. It is responsible for creating national standards to protect sensitive patient information so that it is not shared without the patient’s consent or knowledge. The facilities and individuals who are subject to this act are called “covered entities” and include places that cover transactions such as claims, benefit eligibility inquiries, and referral authorization requests as well as health plans such as dental, health, vision, prescription drug insurers, Medicaid, Medicare, employer-sponsored groups, and so on 1. Healthcare clearinghouses and business associates that handle claims processing, data analysis, and billing are also included under the term “covered entities” 1.

This act is important to healthcare because without it medical professionals would be able to discuss personal information freely which could result in serious consequences for the patient. For instance, if an employer discovers that an individual has a disease that could possibly impede their work in the future, they may not hire the person. Although this is technically illegal, it still happens and HIPAA is another layer of protection against any sort of issue like this arising.


The Health Information Technology for Economic and Clinical Health Act (HITECH) was implemented in 2009 as a part of the American Recovery and Reinvestment Act 2. It was created to “promote the adoption and meaningful use of health information technology” 2. It outlines penalties for any violation of privacy and security concerns regarding healthcare and technology. There are four categories of violations that have increasing levels of culpability and penalty amounts with a maximum of a $1.5 million fine. It is important to note that this act does state that the violation must be reported within a 30-day time period as long as the violation was not due to willful neglect 2.

HITECH is important to public health due to the fact that all of healthcare is moving towards having advanced technology and communications, if they are not there already. While some aspects of the medical field may get entirely taken over by technology in the future, the other aspects will utilize technology for communications, data retrieval, information storage, etc. via electronic health records (EHR) 2. If the information collected and stored via this technology gets leaked, it could be detrimental to the patients and facilities that are impacted.


OSHA, or the Occupational Safety and Health Administration ensures “safe and healthful” work conditions in the United States 3. It was created by the Occupational Safety and Health Act of 1970. Unlike the previously discussed acts, this does not only impact healthcare but almost all workplaces and is run by the United States Department of Labor. Primarily, the administration sets and enforces standards by providing training, outreach, education, and assistance. They also receive complaints and will inspect workplaces if it is suspected that they are not up to governmental standards and are creating hazardous conditions for their workers 3.

OSHA is extremely important in terms of healthcare because without a governing body ensuring that workplace standards are being met, healthcare professionals could get lazy and provide unprofessional and possibly even harmful care to patients. That is without mentioning the danger that could come to the professionals themselves if precautions such as the sterile field are broken. Without this act, the quality of workplaces may go back to how they were several decades ago when companies did not care about their employee’s health and only cared about the bottom line for financial gain.


  1. Centers for Disease Control and Prevention (CDC). Health Insurance Portability and Accountability Act of 1996 (HIPAA). Centers for Disease Control and Prevention, https://www.cdc.gov/phlp/publications/topic/hipaa.html, Published June 27, 2021, Accessed February 3, 2023.
  2. United States Department of Health and Human Services (HHS). HITECH Act Enforcement Interim Final Rule. HHS. https://www.hhs.gov/hipaa/for-professionals/special-topics/hitech-act-enforcement-interim-final-rule/index.html, Published June 16, 2017, Accessed February 3, 2023.
  3. United States Department of Labor OSHA. About OSHA.  United States Department of Labor. https://www.osha.gov/aboutosha#:~:text=OSHA%27s%20Mission,%2C%20outreach%2C%20education%20and%20assistance, Accessed February 3, 2023.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: