The Health Insurance Portability and Accountability Act (HIPAA) assures that an individual's health information is protected according to all legal requirements.  HIPAA privacy rules give patients greater access to their own medical information and more control over how their personal information is used.  The DHHS Privacy Office is responsible for the implementation of privacy policies and procedures required by Federal and state law.  The Privacy Office also monitors, reviews and investigates activities within DHHS to assure compliance with all privacy rules, regulations and laws.

Health Care Providers and Organizations 

HIPAA establishes standards for health care providers, insurance providers, government agencies and other health related organizations that use and share health information.  Every health care provider or service that transmits health information electronically must comply with the HIPAA standards to insure an individual's rights and privacy.

Protected Health Information  

HIPAA safeguards "individually identifiable health information" in any form, whether electronic, paper, or oral.  Individually identifiable information includes name, address, date of birth or Social Security number, and health care information such as a past or present physical or mental condition.