Who/What: The Department of Health and Human Services (HHS) established the Privacy Rule as part of HIPAA to require “covered entities” such as health care providers, health insurance providers and health care clearinghouses to protect patients’ health information.
Explore This IssueNovember 2011
Why: The Privacy Rule was passed to protect patients’ medical information, especially when it is transferred electronically.
In Practice: Covered entities must adhere to standards of transacting information and inform patients of their rights under the Privacy Rule.
Update: On February 17, 2009, Congress passed the Health Information Technology for Economic and Clinical Health (HITECH) Act as part of the American Recovery and Reinvestment Act of 2009. The HITECH Act encourages health care providers to adopt health information technology and coincides with provisions for patients’ rights to privacy of information in HIPAA.