: Requires covered entities to notify affected individuals, the HHS Secretary, and sometimes the media when a breach of unsecured PHI occurs.
: Enhances HIPAA and HITECH Act provisions, specifically increasing the responsibilities and liabilities of business associates. What is Protected Health Information (PHI)?
The Health Insurance Portability and Accountability Act () of 1996 is the primary federal law in the U.S. governing the protection, privacy, and security of sensitive patient information. Core HIPAA Rules Compliance is generally centered around four main rules:
: Mandates administrative, physical, and technical safeguards for electronic PHI (ePHI) to ensure its confidentiality, integrity, and availability.
: Sets national standards for protecting Protected Health Information (PHI) and grants patients rights to access and control their data.
