Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules protect the privacy and security of health information and provide individuals with certain rights to their health information. You play a vital role in protecting the privacy and security of patient information.
The HIPAA Privacy Rule establishes standards to protect PHI held by these entities and their business associates: Health plans Health care clearinghouses Health care providers that conduct certain health care transactions electronically When "you" is used in this fact sheet, we are referring to these entities and persons. The Privacy Rule gives individuals important rights with respect to their protected PHI, including rights to examine and obtain a copy of their health records in the form and manner they request, and to ask for corrections to their information. Also, the Privacy Rule permits the use and disclosure of health information needed for patient care and other important purposes.
The Privacy Rule protects PHI held or transmitted by a covered entity or its business associate, in any form, whether electronic, paper, or verbal. PHI includes information that relates to all of the following: The individual's past, present, or future physical or mental health or condition The provision of health care to the individual The past, present, or future payment for the provision of health care to the individual PHI includes many common identifiers, such as name, address, birth date, and Social Security number.