Privacy Rule

the fundamental HIPAA Rule

It's The basic and most important of the HIPAA Rules

The Privacy Rule:

  • Applies to all Protected Health Information (PHI) maintained or transmitted in any form or medium;
  • Establishes Permitted and Required Uses and Disclosures of PHI for Covered Entities and Business Associates;
  • Establishes special, specific rights every individual has concerning his or her own  own PHI; and
  • Requires administrative, technical and physical safeguards to protect the privacy of each individual’s PHI.

The Privacy Rule is the Basis for the Security and Breach Notification Rules 

Uses and Disclosures of PHI permitted or required by the Privacy Rule are the subject of both the Security and Breach Notification Rules. The Security Rule requires Covered Entities and Business Associates to protect against Uses and Disclosures of PHI not permitted or required by the Privacy Rule that is transmitted by Electronic Media or maintained in Electronic Media.

The Breach Notification Rule defines “Breach” as the Acquisition, Access, Use or Disclosure of PHI in a manner not permitted by the Privacy Rule which compromises the Security or Privacy of the PHI.

Privacy Rule in the Code of Federal Regulations

The official text of the Privacy Rule in the Code of Federal Regulations (CFR) is difficult to follow. It is much longer than the Security Rule or Breach Notification Rule with internal references that interrupt its continuity. This surely reflects the inclusive, intermittent process by which the Privacy Rule was developed and has been modified by the U. S. Department of Health and Human Services (HHS) since 1996 as directed by Congress.

Privacy rule in the hIPAA E-Tool®

Privacy Rule Standards and Implementation Specifications are easy to follow when you know the steps. The HIPAA E-Tool® was created to untangle the Privacy Rule and present it in logical order with step-by-step Procedures and Forms. Privacy Rule Standards and Implementation Specifications are presented in logical order based on their subject to make them easy to understand and implement. Lengthy sections of the Privacy Rule are separated into cohesive policies, procedures and forms to make them easy to understand, follow and implement.

Search Box

The HIPAA E-Tool ® Search Box enables a user to find every Privacy Rule topic easily. Enter a word or phrase and one click brings an explanation on screen that includes direct links to the applicable Policy, Procedure or Form.