What Is The HIPAA Privacy Rule?

The U.S. Department of Health and Human Services (HHS) issued the HIPAA Privacy Rule to enforce HIPAA requirements. The Privacy Rule addresses the use and disclosure of the health information for individuals by covered entities subject to the Rule. It also creates a standard for individual privacy rights to control and understand how their health information is used.


Within HHS, the Office for Civil Rights (OCR) has a responsibility to implement and impose the HIPAA Privacy Rule with respect to voluntary compliance activities and civil money penalties. Anyone can file a complaint to the OCR if they believe a HIPAA violation has occurred.