THE HIPAA
SECURITY REGULATIONS
The Administrative Simplification Provisions of the
Health Insurance Portability and
Accountability Act of 1996 (HIPAA)
The HIPAA security regulations are administered by the
Centers for Medicare & Medicaid Services and included below are the regulations and supporting documentation
released by CMS, as well as relevant statutory provisions.
The Statute: The Health Insurance Portability and Accountability Act of
1996 - Relevant Portions
The Administrative Simplification Provisions of the HIPAA statute
Statutory Penalities for Noncompliance
Final Regulations on Security Standards
The final HIPAA security regulations were published on February 20, 2003 in the
Federal Register. The regulations are effective April 14, 2003 and covered entities have until April 14, 2005 to
be in compliance. Note that although the proposed rule included a standard for electronic signatures, the final
rule did not adopt those standards.
Final regulations in pdf format
Final regulations in html format
Appendix to the Security Regulations
Appendix matrix in the final security regulations.
Frequently
Asked Questions: HIPAA Security
FAQ developed by the Centers for Medicare & Medicaid Services regarding the HIPAA security
regulations.
CMS HIPAA Security Educational Paper Series
A series of white papers from the Centers for Medicare & Medicaid Services on various aspects of the HIPAA security regulations.
Part 1: Security 101 for Covered Entities
Part 2:
Administrative Safeguards
Part 3:
Physical Safeguards
Part 4:
Technical Safeguards
Part 5:
Organizational, Policies & Procedures & Documentation Requirements
| 
