Overview
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that required the creation of national standards to protect sensitive patient health information (PHI) from being disclosed without the patient's consent or knowledge.
Key Rules
- Privacy Rule: Sets standards for when PHI can be used and disclosed.
- Security Rule: Sets national standards for protecting the confidentiality, integrity, and availability of electronic PHI (ePHI).
- Breach Notification Rule: Requires covered entities to notify individuals and the government of a breach of unsecured PHI.
Covered Entities
Includes healthcare providers, health plans, and healthcare clearinghouses, as well as their business associates.