There are some interesting rumors surrounding the origin of HIPAA laws. Rumor has it that HIPAA laws were created because a senator wanted to cover up his wife’s plastic surgery. Crazy, right?!

“My boss is convinced that the reason that HIPAA laws came into existence was because of the actions of the wife of a senator, who had cosmetic surgery, and whose medical chart was seen by someone who then spread the word that this woman had cosmetic surgery. She found out and then prompted her husband to do something about it, and he took action and began what we now know as HIPAA laws.”

Contrary to popular belief, this wasn’t the case.  President Bill Clinton signed the Health Insurance Portability and Accountability Act (HIPAA) in 1996 to set standards for protecting the privacy of individually identifiable health information. Like any political decision, some were skeptical about the bill’s purpose and implementation.

Many in the healthcare industry asked: Would it be possible to provide efficient healthcare while complying with all of HIPAA’s requirements? What did protecting the confidentially of patient health information mean? How would the standards set forth by HIPAA be enforced? Would these standards interfere with the relationships between patients and healthcare providers?

It was this initial frustration experienced by healthcare providers that sparked the previously mentioned rumor but, the history of HIPAA has little to do with a self-conscious senator’s wife. In fact, when the Kennedy-Kassebaum bill (which would later become HIPAA) was introduced, the legislation had more to do with keeping up with technology and the modernization of medical records.

The origins of HIPAA can be traced back to the early 1990s when technological developments began to make it more efficient for the healthcare sector to computerize medical records creating a need for new standards regarding the management of healthcare data.

According to an article published by the National Center for Biotechnology Information, HIPAA was initially created with two main goals:

  1. To make health care delivery more efficient
  2. To increase the number of Americans with health insurance coverage.

One way this was accomplished was by creating a standard for electronic health records. This allowed patients to change doctors, leave jobs, switch insurance, etc., without unnecessary paperwork. But HIPAA also made health records more accessible, which in turn led to a greater need for privacy laws, so attendant privacy regulations were proposed by the Department of Health and Human Services (HHS) in 1999 and finalized the following year.

HIPAA has a long and complicated history that started when hospitals began switching from paper to digital records. This digitization of medical records, and not a senator’s attempt to cover up his wife’s cosmetic surgery led to HIPAA’s privacy rules.


Rumor: HIPAA Laws started because a senator wanted to cover up his wife’s plastic surgery

David Mikkelson 2015

Nass, SJ “Beyond the HIPAA Privacy Rule: Enhancing privacy, improving health through research.”

National Academic Press 2009

Solove, Daniel “HIPAA turns 10: Analyzing the past, present, and future impact.”

Journal of AHIMA April 2013