us-federal · 1996

Health Insurance Portability and Accountability Act

HIPAA is the primary US cybersecurity and privacy law for the healthcare industry. The Security Rule (45 CFR Part 164 Subpart C) requires covered entities and business associates to implement administrative, physical, and technical safeguards to protect electronic protected health information (ePHI). HHS OCR enforces HIPAA and has assessed over $140 million in penalties since 2003.

Resumo editorial. Para o texto oficial, consulte a fonte oficial.

A DecipherU não oferece consultoria jurídica. Consulte um advogado na sua jurisdição para decisões de compliance.