The Health Insurance Portability and Accountability Act (HIPAA) is a law passed by the U.S. Congress in 1996 to create national standards to protect individuals' medical records and other personal health information. It requires covered entities such as health insurers and health care providers to protect the privacy and security of protected health information, and gives individuals the rights of access and control over their personal data.