: Requires covered entities to notify affected individuals, the HHS Secretary, and sometimes the media when a breach of unsecured PHI occurs.
: Enhances HIPAA and HITECH Act provisions, specifically increasing the responsibilities and liabilities of business associates. What is Protected Health Information (PHI)? data hipaa
The Health Insurance Portability and Accountability Act () of 1996 is the primary federal law in the U.S. governing the protection, privacy, and security of sensitive patient information. Core HIPAA Rules Compliance is generally centered around four main rules: : Requires covered entities to notify affected individuals,
: Mandates administrative, physical, and technical safeguards for electronic PHI (ePHI) to ensure its confidentiality, integrity, and availability. the HHS Secretary