HIPAA Basics

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is the main Federal law that protects health information. The HIPAA Privacy and Security Rules protect the privacy and security of individually identifiable health information. HIPAA Rules have detailed requirements regarding both privacy and security.

The HIPAA Privacy Rule covers protected health information (PHI) in any medium, while the HIPAA Security Rule covers electronic protected health information (ePHI).


Privacy & Security

The privacy and security of patient health information is a top priority for patients and their families, healthcare providers and professionals, and the government. Federal laws require many of the key persons and organizations that handle health information to have policies and security safeguards in place to protect your health information — whether it is stored on paper or electronically.

HIPAA for Consumers

Patients and healthcare consumers can learn about their rights under HIPAA, which include privacy, security, and the right to access their own health information.


HIPAA for Providers

Healthcare providers have rights and responsibilities defined under HIPAA related to the health information they store about patients, whether in electronic or non-electronic form.


HIPAA for Regulators

The Office for Civil Rights (OCR) is the main federal agency responsible for protecting the public's health information privacy rights and informing the public about them. Regulators can learn more about their work by visiting the OCR’s website.


Additional Resources

How HIPAA Supports Data Sharing


HIPAA versus State Laws

Besides the Federal HIPAA law, other laws in each state and locality may also define how health care information may be used and must be protected.
