The federal law setting privacy and security standards for protected health information.
The Health Insurance Portability and Accountability Act (1996) establishes federal standards for protecting individually identifiable health information. The Privacy Rule limits how covered entities (most healthcare providers, health plans, and clearinghouses) may use and disclose protected health information (PHI); the Security Rule sets the safeguards those entities must apply to electronic PHI.
For employers, HIPAA mostly matters in two contexts: group health plan administration (the plan is a covered entity), and any healthcare-adjacent workforce (medical practices, dental offices, behavioral health). Employer-administered HR functions are generally NOT covered by HIPAA, but the line gets blurry when health plan information is involved.
PEOs administering group health plans handle HIPAA compliance on the plan side. For healthcare-industry clients, the PEO's HR support may include HIPAA workforce training and policies.
Most PEO buying decisions touch several related concepts at once, and HIPAA typically comes up alongside the other terms in this category. Closely related terms include Group health insurance and the Employee Retirement Income Security Act (ERISA).
This is one entry from our PEO glossary covering payroll, benefits, workers comp, HR compliance, and PEO mechanics.