TMA Home About TMA Human Resources Conferences TRICARE Contacts Feedback Site Map
 
Skip Navigation LinksTMA Home > Clinical Operations and Patient Care > TMA Privacy Office > HIPAA > Regulatory Requirements & Additional Resources
Infinite Menus, Copyright 2006, OpenCube Inc. All Rights Reserved.

Regulatory Requirements & Additional Resources

Federal Law

Health Insurance Portability and Accountability Act of 1996 (HIPAA) (Pub. L. 104-191)

HIPAA Privacy Rule (45 C.F.R. Parts 160 and 164)

HIPAA Security Rule (45 C.F.R. Parts 160 and 164)

Department of Defense (DoD)

DoD 6025.18-R, DoD Health Information Privacy Regulation, January 24, 2003

DoD 8580.02-R, DoD Health Information Security Regulation, July 12, 2007

DoDI 6025.18, Privacy of Individually Identifiable Health Information in DoD Health Care Programs, December 2, 2009

DoDD 5400.11, DoD Privacy Program, May 8, 2007

DoD 5400.11-R, DoD Privacy Program, May 14, 2007

DoD 8510.01, DoD Information Assurance Certification and Accreditation Process (DIACAP), November 28, 2007

DoDD 8500.1, Information Assurance (IA), October 24, 2002

DoDD 8500.2, Information Assurance Implementation, February 6, 2003

Assistant Secretary of Defense/Health Affairs (ASD/HA)

Reliance on an Electronic Signature on Form SSA-827 when Disclosing Protected Health Information to the Social Security Administration, July 26, 2012

TRICARE Management Activity (TMA)

Policy for TRICARE Management Activity Workforce Members who Access Personally Identifiable Information or Protected Health Information, March 15, 2011

TMA Privacy and Civil Liberties Office Best Practices for Safeguarding Laptops,
February 2011

Telework Program Guide for Safeguarding Personally Identifiable and Protected Health Information, July 2010

General Mapping of HIPAA Security Rule to Existing DoD Policies and IA Controls
This document represents an updated mapping of the HIPAA Security Rule to select DoD policies and IA controls. It does not constitute the rendering of legal advice or an exhaustive list of all possible mappings of the Security Rule to DoD policies or IA controls. The document is intended to provide general information and to allow different departments and components to customize the mapping according to their security policies.

Policy Memoranda

Health Affairs (HA) Policy 05-018, Expediting Veterans Benefits to Members with Serious Injuries and Illness, September 27, 2005

DoD/Veterans Affairs (VA) Sharing Memorandum of Understanding (MOU),
June 27, 2005

Additional Resources

National Institute of Standards and Technology (NIST) Computer Security Division Resource Computer Security Center

www.tricare.mil is the official Web site of the TRICARE Management Activity, a component of the Military Health System 7700 Arlington Boulevard, Suite 5101, Falls Church, VA 22042-5101

The appearance of hyperlinks to external Web sites does not constitute endorsement by the TRICARE Management Activity of these Web sites or the information, products or services contained therein. For other than authorized government activities, TRICARE Management Activity does not exercise any editorial control over the information you may find at other locations. Such links are provided consistent with the stated purpose of this DoD Web site.