National Standards to Protect 
the Privacy of Personal Health Information

---

4/12/01 - Statement by Secretary Tommy G. Thompson (HTML | Word): "President Bush wants strong patient privacy protections put in place now. Therefore, we will immediately begin the process of implementing the patient privacy rule..."

HHS will issue guidelines on how this rule should be implemented and will consider any necessary modifications that will ensure the quality of care does not suffer inadvertently from this rule.

---

Rule Effective Date:  April 14, 2001
Rule Compliance Date:  April 14, 2003 (April 14, 2004, for small health plans)

---

The privacy provisions of the federal law, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), apply to health information created or maintained by health care providers who engage in certain electronic transactions, health plans, and health care clearinghouses. The Department of Health and Human Services has issued the regulation,"Standards for Privacy of Individually Identifiable Health Information," applicable to entities covered by HIPAA. The Office for Civil Rights (OCR) is the Departmental component responsible for implementing and enforcing the privacy regulation.  (See the Statement of Delegation of Authority to the Office for Civil Rights, as published in the Federal Register on December 28, 2000 - HTML | Text | PDF)

The final Privacy Rule was published in the Federal Register on December 28, 2000 (65 FR 82462).

---

Final Privacy Regulation

• Request for Comments, Federal Register, 2/28/01 (Text | PDF)
• Correction of Effective and Compliance Dates, Federal Register, 2/26/01 (Text | PDF)
• Technical Corrections to the Rule, Federal Register, 12/29/00 (Text | PDF)
• Rule in PDF Format, 12/28/00: Zipped (2.6MB)

         or in 8 parts: Part 1 | Part 2 | Part 3 | Part 4 | Part 5 | Part 6 | Part 7 | Part 8
• Rule in Text Format, 12/28/00: Zipped (725KB)

         or in 8 parts: Part 1 | Part 2 | Part 3 | Part 4 | Part 5 | Part 6 | Part 7 | Part 8
• Rule in HTML Format, 12/28/00: Part 1 | Part 2 | Part 3 | Part 4 | Regulation Text Only

Technical Assistance

• Protecting the Privacy of Patients' Health Information, HHS Fact Sheet, 5/9/01 (HTML | Word)

News 2001

• Statement by President George W. Bush, 4/12/01 (HTML)
• Statement by Secretary Tommy G. Thompson, 4/12/01 (HTML | Word)
• Press Release on Effective Date Delay and 30-Day Public Comment Period, 2/23/01 (HTML | Word)

News 2000

• Press Briefing on New Privacy Rule, 12/20/00 (HTML)
• HHS Announces Final Regulation Establishing First-Ever National Standards to Protect Patients' Personal Medical Records, Press Release, 12/20/00 (HTML | Word)
• White House Statement on Health Information Privacy, 12/20/00 (HTML | Word)
• Remarks by the President on Medical Privacy, 12/20/00 (HTML)

Other Relevant Sites

• For information or to view comments on the proposed Privacy Rule (November 1999), or for information on other HIPAA administrative simplification regulations, go to the HHS HIPAA Administrative Simplification web site.

---

Click on the mailbox to submit a question regarding the Privacy Rule: 

---

|

Disclaimers | Privacy Notice | FOIA | Contact Us

OCR Mail

Date revised: May 14, 2001