The Health Insurance Portability and Accountability Act of 1996, or HIPAA, is a series of regulatory standards that outline the lawful use and disclosure of protected health information (PHI). HIPAA compliance is regulated by the Department of Health and Human Services (HHS) and enforced by the Office for Civil Rights (OCR).

The content and language has not changed, however, the format and structure have been updated and the Questionnaire can now be scored. Scoring is binary which means, the vendor get’s “credit” if they provide an answer that is compliant and “no credit” for answers that are considered “non-compliant”. All questions are weighted equally within the standard, however, when reviewing a completed Questionnaire, you can adjust the weight of the question based on the vendor's responses or commentary and unique risk tolerances.

For more information on HIPAA, click here.