Last updated: November 4, 2020

The Health Insurance Portability and Accountability Act (HIPAA) Privacy, Security, and Breach Notification Rules protect the privacy and security of health information and provide individuals with certain rights to their health information.

The Health and Human Services Office for Civil Rights (2016), enforces the HIPAA Privacy, Security, and Breach Notification Rules. Violations may result in civil monetary penalties. In some instances, criminal penalties may be enforced by the U.S. Department of Justice.

This module describes the HIPAA, the Privacy Security Rule and the Breach Notification Rule. It will also cover how and when to disclose private health information. Lastly, it will discuss HIPAA compliance challenges.