PAUL R. HALES, ATTORNEY AT LAW, LLC
                                                                                                                                                                                           
Tel: 314-534-3534
Fax: 314-534-0444
personal injury lawyer 
 
Click to Download
about the HIPAA
Privacy Rule 

Paul R. Hales

Attorney at Law

3534 Washington Ave.

St. Louis, MO 63103

TEL: 314-534-3534

 

HIPAA Privacy Rule
The PRIVACY RULE - The Fundamental HIPAA Rule
The Privacy Rule is the basic and most significant of all the HIPAA Rules because it:
  
Applies to all Protected Health Information (PHI) maintained or transmitted in any form or medium
 
Establishes Permitted and Required Uses and Disclosures of PHI for Covered Entities and Business Associates
 
Establishes special, specific rights Individuals have concerning their own PHI.
 

Download the Privacy Rule Primer. It is written in plain language, organized with a Table of Contents and clarifies Privacy Rule compliance for Covered Entities and Business Associates.

 

All material in the Privacy Rule Primer is from The HIPAA E-Tool®  used by permission of ET&C Group LLC. Footnotes with exact legal references are provided for compliance officials and legal counsel.

 

The Privacy Rule is the Basis for the Security and Breach Notification Rules 

Uses and Disclosures of PHI permitted or required by the Privacy Rule are the subject of both the Security and Breach Notification Rules.

The Security Rule

The Security Rule requires Covered Entities and Business Associates to protect against Uses and Disclosures of PHI not permitted or required by the Privacy Rule that is transmitted by Electronic Media or maintained in Electronic Media.

The Breach Notification Rule

The Breach Notification Rule, applicable to both Covered Entities and Business Associates, defines “Breach” as the Acquisition, Access, Use or Disclosure of PHI in a manner not permitted under the Privacy Rule which compromises the Security or Privacy of the PHI.

  

Privacy Rule Overview

1.  Standards and Implementation Specifications

The Privacy Rule is made up of Standards (rules concerning PHI) and Implementation Specifications (instructions for implementing a Standard). Privacy Rule Standards and Implementation Specifications establish:

A.  Rights Individuals have with respect to their PHI;

B. Uses and Disclosures of PHI that a Covered Entity and a Business Associate are permitted and required to make;

C.  Regulations governing Uses and Disclosures of PHI;

D. Administrative requirements for compliance with the Privacy Rule and Breach Notification Rule including a mandatory Standard that Covered Entities must have appropriate Administrative, Technical, and Physical Safeguards in place to protect the privacy of PHI.

  

2.   Privacy Rule in the Code of Federal Regulations

The official text of the Privacy Rule in the Code of Federal Regulations (CFR) is difficult to follow. It is much longer than the Security Rule or Breach Notification Rule with internal references that interrupt its continuity. This surely reflects the inclusive, intermittent process by which the Privacy Rule was developed and has been modified by the U. S. Department of Health and Human Services (HHS) since 1996 as directed by Congress.

3.   Privacy Rule in The HIPAA E-Tool ®

Privacy Rule Standards and Implementation Specifications are easy to follow when you know the steps. The HIPAA E-Tool® was created to untangle the Privacy Rule and present it in logical order with step-by-step Procedures and Forms. Privacy Rule Standards and Implementation Specifications are presented in a logical order, step-by-step according to their subject to make them easy to understand and implement. 

The HIPAA E-Tool® Policies, Procedures and Forms covering all Privacy Rule Standards and Implementation Specifications are arranged in logical order according to their subject to make them easy to follow and implement.

Search Box

The HIPAA E-Tool ® Search Box enables a user to find every Privacy Rule topic easily. Enter a word or phrase and one click brings an explanation on screen that includes direct links to the applicable Policy, Procedure or Form.