HIPAA (Health Insurance Portability and Accountability Act)
The federal law that sets national standards for protecting the privacy and security of personal health information.
Key facts
- Sets national Privacy and Security Rule standards for protecting PHI.
- Enforced by the HHS Office for Civil Rights.
- Occupational records may fall under ADA/OSHA, but a certified EHR still safeguards them.
What it means
HIPAA's Privacy and Security Rules govern how protected health information (PHI) is used, disclosed and safeguarded. For occupational health, the line is nuanced: records created purely for employment purposes may fall under the ADA and OSHA rather than HIPAA, but a certified EHR still protects them with encryption, audit logging and role-based access. Keeping clinical data separate from what an employer can see is a core design requirement.
Frequently asked
Is occupational-health data covered by HIPAA?
It depends on context. Employment records held by an employer in its role as employer are generally excluded from HIPAA, but the same data handled by a covered health-care provider or plan is protected. Enterprise Health applies certified-EHR safeguards regardless and uses access controls to keep clinical detail separate from employer-visible information.
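As an added illustration of the separation described above (example code written for this page, not Enterprise Health's own implementation), the following shows one way a system can enforce field-level, role-based access so that an employer sees fitness-for-duty outcomes but never the underlying clinical detail, with every access attempt written to an audit log. The record, role names, field names and actor identifiers are all constructed for the example.

```python
"""Field-level role-based access over an occupational-health record.

Hypothetical example: the record contents, roles and field names below are
constructed for illustration and are not taken from any real product.
"""
from datetime import datetime, timezone

# Constructed sample record. The clinical fields are what a provider needs;
# the employer only needs the fitness-for-duty outcome and any restrictions.
RECORD = {
    "employee_id": "E-1001",                      # constructed identifier
    "exam_date": "2024-03-12",
    "exam_type": "respirator_fit",
    "fit_for_duty": True,
    "work_restrictions": ["no heavy lifting over 20 kg"],
    "diagnosis": "mild asthma",                   # clinical detail
    "medications": ["albuterol"],                 # clinical detail
    "spirometry_fev1_pct": 82,                    # clinical detail
    "clinician_notes": "follow-up in 6 months",   # clinical detail
}

# Field groups. Anything not listed in a role's allow-list is invisible to
# that role (default deny), so a newly added clinical field cannot leak by
# accident before someone decides who may see it.
CLINICAL_FIELDS = {"diagnosis", "medications", "spirometry_fev1_pct", "clinician_notes"}
EMPLOYER_FIELDS = {"employee_id", "exam_date", "exam_type", "fit_for_duty", "work_restrictions"}

ROLE_FIELDS = {
    "clinician": CLINICAL_FIELDS | EMPLOYER_FIELDS,   # full record
    "employer": EMPLOYER_FIELDS,                      # outcome only
    "auditor": {"employee_id", "exam_date", "exam_type"},  # who was seen, when
}

# In-memory audit trail; a real system would write this to append-only storage.
AUDIT_LOG: list[dict] = []


def _audit(actor: str, role: str, employee_id: str, outcome: str, fields: set[str]) -> None:
    """Record every access attempt, including denials, with the fields returned."""
    AUDIT_LOG.append({
        "time": datetime.now(timezone.utc).isoformat(),
        "actor": actor,
        "role": role,
        "employee_id": employee_id,
        "outcome": outcome,
        "fields": sorted(fields),
    })


def view_record(record: dict, role: str, actor: str) -> dict:
    """Return only the fields the role is allowed to see, logging the access.

    Raises PermissionError for unknown roles rather than falling through to
    a broader view.
    """
    allowed = ROLE_FIELDS.get(role)
    if allowed is None:
        _audit(actor, role, record.get("employee_id", "?"), "denied", set())
        raise PermissionError(f"role {role!r} has no access policy")
    projected = {k: v for k, v in record.items() if k in allowed}
    _audit(actor, role, record["employee_id"], "allowed", set(projected))
    return projected


def clinical_leak(view: dict) -> set[str]:
    """Names of clinical fields present in a view; empty means the separation held."""
    return set(view) & CLINICAL_FIELDS


if __name__ == "__main__":
    employer_view = view_record(RECORD, "employer", "hr-user-7")   # constructed actor
    print("employer sees:", sorted(employer_view))
    print("clinical fields leaked to employer:", clinical_leak(employer_view))
    clinician_view = view_record(RECORD, "clinician", "dr-lee")     # constructed actor
    print("clinician sees:", sorted(clinician_view))
    for entry in AUDIT_LOG:
        print(entry["outcome"], entry["role"], entry["fields"])
```

The allow-list is intentionally per role rather than per field-to-hide: a deny-list would expose any clinical field added later until someone remembered to block it. The audit entries record denials as well as successful reads, which is what an investigator needs when reconstructing who looked at a record.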
Make compliance a by-product, not a project.
See how Enterprise Health automates OSHA recordkeeping, surveillance and reporting inside one system.