HIPAA Privacy Rule — Corrective action / RA
Resolution: —
Penalty: Corrective action / RA
Action type: Resolution agreement
Entity profile: —
Case number: —
What went wrong
HIPAA Privacy Rule
CFR citations
Full description
The HIPAA Privacy Rule
The HIPAA Privacy Rule establishes national standards to protect individuals' medical records and other individually identifiable health information (collectively defined as “protected health information”) and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically. The Rule requires appropriate safeguards to protect the privacy of protected health information and sets limits and conditions on the uses and disclosures that may be made of such information without an individual’s authorization. The Rule also gives individuals rights over their protected health information, including rights to examine and obtain a copy of their health records, to direct a covered entity to transmit to a third party an electronic copy of their protected health information in an electronic health record, and to request corrections.
The Privacy Rule is located at 45 CFR Part 160 and Subparts A and E of Part 164. The combined regulation text of all HIPAA Administrative Simplification Regulations is found at 45 CFR 160, 162, and 164.
Privacy Rule History
- April 26, 2024 - HIPAA Privacy Rule to Support Reproductive Health Care Privacy - Final Rule
- April 17, 2023 - HIPAA Privacy Rule to Support Reproductive Health Care Privacy - Proposed Rule
- March 10, 2021 - Extension of Comment Period for Modifications to the HIPAA Privacy Rule to Support, and Remove Barriers to, Coordinated Care and Individual Engagement – Proposed Rule
- January 21, 2021 - Modifications to the HIPAA Privacy Rule to Empower Patients, Improve Coordinated Care, and Reduce Regulatory Burdens - Proposed Rule
- December 14, 2018 - Modifying the HIPAA Rules to Improve Coordinated Care - Request for Information
- January 6, 2016 - HIPAA Privacy Rule and the National Instant Criminal Background Check System (NICS) - Final Rule
- February 6, 2014 - Patients' Access to Test Reports Under the HIPAA Privacy Rule and the Clinical Laboratory Improvement Amendments of 1988 (CLIA) Program - Final Rule
- January 7, 2014 - HIPAA Privacy Rule and NICS - Proposed Rule
- April 23, 2013 - HIPAA Privacy Rule and NICS - Advance Notice of Proposed Rulemaking
- January 25, 2013 - Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules under the Health Information Technology for Economic and Clinical Health (HITECH) Act and the Genetic Information Nondiscrimination Act, and Other Modifications - Final Rule (The "Omnibus HIPAA Final Rule")
- September 14, 2011 - Patients' Access to Test Reports Under the HIPAA Privacy Rule and CLIA Program - Proposed Rule
- May 31, 2011 - HIPAA Privacy Rule Accounting of Disclosures Under the HITECH Act - Proposed Rule
- July 14, 2010 - Modifications to the HIPAA Privacy, Security, and Enforcement Rules under the HITECH Act - Proposed Rule
- May 3, 2010 - HIPAA Privacy Rule Accounting of Disclosures Under the HITECH Act - Request for Information
- October 7, 2009 - HIPAA Privacy Rule; Modifications Under the Genetic Information Nondiscrimination Act - Proposed Rule
- August 14, 2002 - Modifications to the HIPAA Privacy Rule - Final Rule (PDF)
- March 27, 2002 - Modifications to the HIPAA Privacy Rule - Proposed Rule (PDF)
- February 28, 2001 - Request for Comments on December 28, 2000, Final HIPAA Privacy Rule (PDF)
- February 26, 2001 - Correction of Effective and Compliance Dates of the Final HIPAA Privacy Rule (PDF)
- December 29, 2000 - Technical Corrections to the Final HIPAA Privacy Rule (PDF)
- December 28, 2000 - HIPAA Privacy Rule - Final Rule (PDF)
- November 3, 1999 - HIPAA Privacy Rule - Proposed Rule (PDF)
Other Privacy Rule Notices
- March 20, 2003 - Notice of Addresses for Submission of HIPAA Health Information Privacy Complaints (PDF)
- March 11, 2003 - Notice of Address for Submission of Requests for Preemption Exception Determinations (PDF)
- December 28, 2000 - Statement of Delegation of Authority to the Office for Civil Rights (PDF)
Other Administrative Simplification Rules
- Code Set Standards
- Employer Identifier Standard
- National Provider Identifier Standard
- Security Rule
- Enforcement Rule
- Breach Notification Rule
- Transactions
Frequently Asked Questions for Professionals - Please see the HIPAA FAQs for additional guidance on health information privacy topics.
Content last reviewed September 27, 2024
Timeline
- Resolution: —
- Incident and investigation milestones are not consistently published by OCR in machine-readable form.
Key takeaways for your organization
- Treat internet-facing systems and vendor-hosted environments as in-scope for HIPAA risk analysis and technical safeguards testing.
- Maintain an actionable risk analysis tied to remediation milestones; evidence should map to Security Rule implementation specifications.
- Align policies, procedures, and evidence with the specific CFR provisions cited in OCR resolutions affecting your entity type.
- Run tabletop exercises for breach response, OCR inquiry handling, and privilege-preserving communications with counsel.
Related actions
Source
U.S. Department of Health and Human Services release
Source: U.S. Department of Health and Human Services, Office for Civil Rights. medcomply.ai aggregates public materials for educational use — not legal advice.