Skip to main content
U.S. flag

An official website of the United States government

Here’s how you know

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS
A lock (LockA locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

HHS.gov
  • About HHS
  • Programs & Services
  • Grants & Contracts
  • Laws & Regulations
  • HIPAA for Individuals
  • Filing a Complaint
  • HIPAA for Professionals
  • Newsroom

Breadcrumb

  1. HHS
  2. HIPAA Home
  3. For Professionals
  4. FAQ
  5. 2005-Is the Security Rule suspended during a national or public health emergency
  • Authorizations (30)
  • Business Associates (41)
  • Compliance Dates (2)
  • Covered Entities (14)
  • Decedents (9)
  • Disclosures for Law Enforcement Purposes (5)
  • Disclosures for Rule Enforcement (1)
  • Disclosures in Emergency Situations (2)
  • Disclosures Required by Law (6)
  • Disclosures to Family and Friends (28)
  • Disposal of Protected Health Information (6)
  • Facility Directories (7)
  • Family Medical History Information (3)
  • FERPA and HIPAA (10)
  • Group Health Plans (3)
  • Health Information Technology (41)
  • Incidental Uses and Disclosures (10)
  • Judicial and Administrative Proceedings (8)
  • Limited Data Set (6)
  • Marketing (18)
  • Marketing - Refill Reminders (16)
  • Mental Health (35)
  • Minimum Necessary (14)
  • Notice of Privacy Practice (20)
  • Personal Representatives and Minors (12)
  • Preemption of State Law (10)
  • Privacy Rule: General Topics (12)
  • Protected Health Information (2)
  • Public Health Uses and Disclosures (13)
  • Research Uses and Disclosures (20)
  • Right to Access and Research (58)
  • Right to an Accounting of Disclosures (8)
  • Right to File a Complaint (1)
  • Right to Request a Restriction (3)
  • Safeguards (13)
  • Security Rule (24)
  • Smaller Providers and Businesses (145)
  • Student Immunizations (8)
  • Telehealth (11)
  • Transition Provisions (3)
  • Treatment, Payment, and Health Care Operations Disclosures (30)
  • Workers Compensation Disclosures (5)

Is the Security Rule under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) suspended during a national or public health emergency?

Answer:

No, the Security Rule is not suspended during a national or public health emergency. The Secretary of HHS may waive sanctions and penalties arising from certain provisions of the Privacy Rule under the Project BioShield Act of 2004 (PL 108-276) and section 1135(b)(7) of the Social Security Act if the President declares an emergency or disaster and the Secretary declares a public health emergency.  However, these provisions have no application to the Security Rule. The Security Rule includes requirements for covered entities to ensure the confidentiality, integrity and availability of all electronic protected health information they create, receive, maintain or transmit. The rule further requires that covered entities protect against any reasonably anticipated threats or hazards to the security or integrity of such information. Other provisions of the Security Rule require covered entities to implement security measures that specifically contemplate emergency conditions. For example, covered entities must have contingency plans that establish policies and procedures for responding to an emergency or other occurrence (fire, system failure and natural disaster) that damages systems that contain e-PHI (45 CFR §164.308(a)(7)(i)). As with all HIPAA-related complaints, the Office for Civil Rights will evaluate complaints that arise during the course of a national or public health emergency on a case-by-case basis and exercise its discretion in taking enforcement action.  For more information on suspension of the Privacy Rule during a national or public health emergency, please see FAQ #1068.


Content created by Office for Civil Rights (OCR)
Content last reviewed July 26, 2013
Back to top
  • Contact HHS
  • Careers
  • HHS FAQs
  • Nondiscrimination Notice
  • HHS Archive
  • Accessibility
  • Privacy Policy
  • Viewers & Players
  • Budget/Performance
  • Inspector General
  • Web Site Disclaimers
  • EEO/No Fear Act
  • FOIA
  • The White House
  • USA.gov
  • Vulnerability Disclosure Policy

Sign Up for Email Updates

Receive the latest updates from the Secretary, Blogs, and News Releases.

Sign Up
HHS Logo

HHS Headquarters

200 Independence Avenue, S.W.
Washington, D.C. 20201
Toll Free Call Center: 1-877-696-6775​