The HIPAA privacy regulations are administered by the Office For Civil Rights of the U.S. Department of Health and Human Services. The security regulations are administered by the U.S. Department of Health and Human Services.
The Statutes
The Health Insurance Portability and Accountability Act of 1996
Relevant Portions
H.R. 1: The American Recovery and Reinvestment Act of 2009
Includes the conference committee report on the HIPAA provisions and the full text of the legislative changes.
The Regulations
Enforcement Regulations
Interim final rule on the HIPAA enforcement regulations to provide for the increased penalties based on the four tiers of culpability, published by HHS on October 30, 2009.
Complete Text of the Breach Notification for Unsecured Protected Health Information Regulations
Interim final rules from HHS published in the Federal Register on August 24, 2009.
The HIPAA Regulations Section-By-Section
Index to and text of the privacy and security regulations by section with commentary from the Federal Register.
UPDATED TO INCLUDE NOTIFICATION IN THE EVENT OF A BREACH REGULATIONS OF AUGUST 24, 2009
Complete Text of the HIPAA Privacy Regulations
This full text version from the HHS Office of Civil Rights includes the complete text of the regulation, including the August 2002 revisions. Note that these regulations DO NOT include changes made in February 2009 by H.R. 1.
HIPAA Security Regulations
Full text of the security regulations published February 20, 2003. Note that these regulations DO NOT include changes made in February 2009 by H.R. 1.
Privacy Guidance and Interpretation
Instructions for Submitting Notice of a Breach to the Secretary
The U.S. Department of Health and Human Services has added to its website "Instructions for Submitting Notice of a Breach to the Secretary", including instructions and a template notice for when the breach involves over 500 individuals and the annual reporting for breaches involving fewer than 500 individuals.
Notification When Breach of Unsecured PHI
Guidance and request for comments issued on April 17, 2009 by HHS. This guidance relates to two forthcoming breach notification regulations: one to be issued by HHS for covered entities and their business associates and one issued by the Federal Trade Commission for vendors of personal health records and other non-HIPAA covered entities.
Case Examples and Resolution Agreements
HHS Office of Civil Rights examples of how covered entities can effectively comply with the requirements of the privacy rule, with case examples of the corrective actions that OCR obtains from covered entities through enforcement actions.
Frequently Asked Questions About the Disposal of Protected Health Information
HHS Office of Civil Rights guidance on disposal of PHI
Frequently Asked Questions About Family Medical History Information
HHS Office of Civil Rights guidance on the sharing of family medical information
Joint Guidance on the Application of the Family Educational Rights and Privacy Act and HIPAA To Student Health Records
November 2008 guidance from HHS and the Department of Education
Frequently Asked Questions and Answers
Guidance from HHS in the form of frequently asked questions and answers released December 3, 2002.
First Guidance on the Final Privacy Rule
On July 6, 2001, the Department of Health and Human Services released this Privacy Guidance Document providing answers to questions regarding the final HIPAA privacy regulations. The Guidance lists areas of the regulations where further changes are planned.
Business Associate Agreements and Surveys and Accreditation
March 2003 letter from CMS to state survey agencies regarding business associate agreements and their relationship to state surveys and accreditation.
Protecting Personal Health Information in Research: Understanding the HIPAA Privacy Rule
April 2003 release from U.S. Department of Health and Human Services providing general background information on HIPAA privacy and specific and detailed information on research studies under HIPAA.
Additional Guidance on Research
April 2003 letter from the Director of the Office of Civil Rights to Eli Lilly & Company, offering additional guidance on research and the privacy regulations.
Security Guidance and Interpretation
HIPAA Security Guidance for Remote Use of and Access to Electronic Protected Health Information
December 2006 guidance on the security requirements with remote computers.
HHS HIPAA Security Series
Series of educational material on complying with the HIPAA security regulations.