What is HIPAA? HIPAA stands for Health Insurance Portability and Accountability Act of 1996. HIPAA is a federal law that requires healthcare plans, healthcare clearinghouses and most healthcare providers (all known as Covered Entities) to implement certain privacy and security protections for individually identifiable health information (known as “protected health information” or PHI). HIPAA, as modified and expanded by the Health Information Technology for Economic and Clinical Health (HITECH) Act, also mandates that Covered Entities contractually require their “Business Associates” with access to PHI to implement HIPAA’s privacy and security protections.