What Is Protected Under HIPPA's Privacy Rule

• HIPPA is applicable to "protected health information." Protected health information is any oral or written information about a patient that relates to the physical or mental condition of a patient.
  
  

What Entities Are Subject to HIPPA's Privacy Rule

• HIPPA applies only to "covered entities." These entities include health plans, health plan clearinghouses and other types of health care providers that transmit electronic patient data.
  
  

Types of HIPPA Compliance Efforts

• Various mechanisms have been developed in order to comply with HIPPA. Some examples include having patients sign off on who can receive their health information, disallowing electronic distribution of information without consent, locking a computer containing protected health information and redacting any names if not necessary to the functioning of a health care provider's office.
  
  

HIPPA Security Rule

• Another branch of HIPPA relating to privacy is the "security rule." The security rule requires what is known as "small plans" (which are smaller health care entities) to comply with HIPPA, but it is solely applicable to electronic health information.
  
  

HIPPA Enforcement Rule

• In 2006, the final enforcement rule for HIPPA was released. This enforcement rule indicates the procedure for complaints of HIPPA violations and provides for civil monetary penalties that can be assessed for violations of HIPPA.