General Information

The Department of Health and Human Services (HHS) issued the Standards for Privacy of Individually Identifiable Health Information (the Privacy Rule) under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to provide the first comprehensive Federal protection for the privacy of personal health information.

This Rule set national stands for the protection of health information, as applied to the three types of covered entities: health plans, health care clearinghouse, and health care providers who conduct certain health care transactions electronically. By the compliance data of April 14, 2003, (April 14, 2004, for small health plans) covered entities were to implement standards to protect and guard against the misuse of individually identifiable health information.

The privacy Rule establishes as foundation of Federal protections for the privacy of protected health information. The Rule does not replace Federal, State, or other law that grants individuals even greater privacy protections, and covered entities are free to retain or adopt more protective policies or practices.

The final Privacy Rule is posted on the DHHS website: http://www.hhs.gov/ocr/hipaa/finalreg.html

Notice of Privacy Practices

Notice of Privacy Practices English | Español

Forms

Authorization for Release of Patient Information (MH5671)