Welcome to the California Department of Alcohol and Drug Programs

HIPAA, Privacy & Security

Overview

The Health Insurance Portability and Accountability Act (HIPAA), also known as the Kassebaum-Kennedy bill, became public law (P.L. 104-191) on August 21, 1996. HIPAA was introduced as a bill to improve the portability and continuity of health insurance coverage in group and individual markets; to combat waste, fraud and abuse in health insurance and health care delivery; to improve access to services and coverage; and to simplify the administration of health insurance.

HIPAA includes Administrative Simplification (AS) requirements intended to improve the efficiency and effectiveness of the entire health care system through the national standardization of electronic transactions and code sets. The HIPAA Privacy Rule establishes requirements for the handling of certain health care information to ensure privacy of patient health care data. Other AS rules will address unique health identifiers, security provisions, and enforcement.

All health care providers, health plans, and health care clearinghouses that transmit health information electronically are defined as “covered entities” and are required to comply with HIPAA. A health care provider is any person or organization who furnishes, bills, or pays for health care in the normal course of business. Health care is defined as care, services, or supplies provided to a patient, including assessment and counseling related to the physical or mental condition of an individual.

Since the Department of Alcohol and Drug Programs (ADP) pays alcohol and other drug (AOD) health care providers through the Drug Medi-Cal (DMC) Program, it is considered a covered entity.
California’s AOD programs are currently required to comply with stringent confidentiality rules under federal regulations. HIPAA will not eliminate or change these rules, only strengthen safeguards for patient confidentiality.

ADP’s HIPAA Compliance Unit was established to develop and implement policies and procedures to comply with HIPAA requirements. The unit is located within the Program Services Division. The HIPAA Compliance Unit also coordinates with the California Office of HIPAA Implementation, the oversight body for all State programs affected by HIPAA.