Health Information Privacy and Security

Ensuring privacy and security of health information is a key component to building trust with your patients as you implement and use Health IT. The HIPAA Privacy and Security Rules—including the HIPAA Omnibus Rule, which took effect on September 23, 2013—protect the privacy and security of individually identifiable health information. It’s important to learn about the rules and what you can do to protect health information privacy and security.

Health IT Privacy and Security Resources

To learn about health information privacy and security and for Health IT privacy and security resources, check out the U.S. Department of Health & Human Services Office for Civil Rights (OCR’s) Frequently Asked Questions. OCR answers FAQs about several Health IT privacy and security topics, including:

• Business Associates
• Covered Entities
• Disposal of Protected Health Information
• Family Medical History Information
• Health Information Technology
• Minimum Necessary
• Privacy Rule
• Protected Health Information
• Public Health Uses and Disclosures
• Right to Access Medical Records
• Safeguards
• Security Rule
• Smaller Providers and Businesses
• Treatment, Payment, and Health Care Operations

If you don’t see the information you’re looking for here, check out OCR’s Health Information Privacy page for more information and resources.

For More Information

For more information about Health IT privacy and security, see the following Health IT privacy and security resources.

• Health IT Privacy and Security Resources
• Health Information Privacy and Security: A 10 Step Plan
• Integrating Privacy & Security Into Your Practice
• HealthIT.gov Privacy and Security FAQs
• Privacy & Security Training Games