• Text Resize A A A
  • Print Print
  • Share Share Share Share

The HIPAA Privacy Rule

The HIPAA Privacy Rule establishes national standards to protect individuals’ medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically.  The Rule requires appropriate safeguards to protect the privacy of personal health information, and sets limits and conditions on the uses and disclosures that may be made of such information without patient authorization. The Rule also gives patients rights over their health information, including rights to examine and obtain a copy of their health records, and to request corrections.

The Privacy Rule is located at 45 CFR Part 160 and Subparts A and E of Part 164

Click here to view the combined regulation text of all HIPAA Administrative Simplification Regulations found at 45 CFR 160, 162, and 164.

Privacy Rule History

Other Privacy Rule Notices

Omnibus HIPAA Rulemaking

  • HHS announces a final rule that implements a number of provisions of the HITECH Act to strengthen the privacy and security protections for health information established under HIPAA.

 

Frequently Asked Questions for Professionals - Please see the HIPAA FAQs for additional guidance on health information privacy topics.

Content created by Office for Civil Rights (OCR)
Content last reviewed on April 16, 2015
Back to Top