What is HIPAA?

HIPAA is the Health Insurance Portability and Accountability Act (HIPAA) enacted by Congress and signed into law in August 1996. Title I of the act primarily addressed the protection of health insurance coverage when an individual changed or lost their job.
Title II of the act includes Administrative Simplification provisions which includes:

  • Electronic health transaction standards and code sets – The implementation of a national standard for transmitting health data electronically and the use of standard code sets that describe diseases, injuries and other health problems.
  • Unique identifiers – A system that uses one identification number per employer, health plan or payer and health care provider to simplify administration.
  • Security – The safeguard for the storage, access and transmission of electronic patient information.
  • Privacy – Limits the use or disclosure of protected health information to a minimum necessary standard. Provides the right to see and get copies of records, request amendments to records and learn details of certain disclosures of their records.

The Act has been implemented through regulations, most of which have now been finalized by the accountable Federal agencies. Each component has specific compliance enforcement dates:


October 16, 2002

Electronic Health Care Transactions and Code Sets - all covered
entities except those who filed for an extension and are not a small health plan.

April 14, 2003

Privacy Rule (Small Health Plans 4/14/2004)

October 16, 2003

Electronic Health Care Transactions and Code Sets - specifically named version 4010A1 of the X12 Transactions and compliant code sets (such as ICD-9 for diagnosis and procedure codes)

July 30, 2004

Employer Identifier Standard (Small Health Plans 8/1/2005)

April 20, 2005

Security Standards (Small Health Plans 4/20/2005)

May 23, 2008

National Provider Identifier

January 1, 2012*

Electronic Health Care Transactions and Code Sets – mandate to transition to version 5010 of the X12 standard transaction.

October 1, 2013*

Electronic Health Care Transactions and Code Sets – Mandate to implement ICD-10 for diagnosis and procedure codes.

What is Davis Vision doing about HIPAA?

Davis Vision is fully committed to maintaining the highest levels of security and privacy for its members, providers and clients while ensuring adherence to all applicable Federal and State laws and regulations. Davis Vision is fully compliant with all HIPAA Title II rules as defined above and has established a department that can respond to your questions or provide additional information:

Davis Vision Privacy Office
P.O. Box 1416
Latham, NY 12110-1416
Phone: 1-800-571-3366
Fax: 1-866-999-4640
Email: privacy@davisvision.com

*Davis Vision is reviewing the final rule language and creating plans to ensure full compliance by the enforcement date.  These rules are for the transition of standard transactions from the current version (4010A1) to version 5010 of the X12 transactions and the migration from ICD-9-CM to ICD-10-CM diagnosis codes.

If you are a Provider, Benefit Administrator, Clearinghouse or third party vendor and wish to send and receive HIPAA transactions with Davis Vision, please contact our Customer Data Management Department to discuss implementation. They can be reached as follows: 

Customer Data Management
Davis Vision
711 Troy Schenectady Road
Latham, NY 12110-2488
Email: custdatamgt@davisvision.com
Fax: (518) 220-6030

Want to learn more about HIPAA?

The following web link will take you from the Davis Vision website to the U.S. Department of Health and Human Services page that contains information regarding HIPAA and the Administrative Simplification Act. The website address is: http://www.cms.gov/HIPAAGenInfo/