HHS Privacy Rules

Before the HHS privacy rules HIPAA law was created to protect the personal and health information of common people from being compromised by unlawful elements. Any disclosure of the sensitive information to a third party can be done only with the consent of the consumer.

In order to make this law more refined 5 sub-rules were created to ensure full security of data. The US department for Health and Human Services or HHS has also issued a privacy rule which compels the health insurance companies and health providers. This rule goes a step beyond the basic HIPAA rule and gives the consumers right to control and understand how their information is being used.

Of course, health information needs to be shared with the entities within the healthcare and health insurance sector in order to provide proper care and plans to the consumer. With the help of the privacy rule the organizations providing such services to the public can make permitted use of the health information without breaching the privacy of the person seeking care and treatment.

The types of entities which are subject to the privacy rule include the following and are known as covered entities:

Healthcare Providers

Any health care provider, regardless of their size and if they are transferring health information electronically in connection with some specific transactions like – claims, benefit eligibility inquiries, referral authorization requests and other transactions which the HHS has established standards.

Health Plans

  • These include – health, dental treatments, vision and prescription medicines
  • Health maintenance organizations
  • Medicare, Medicaid, Medicare+choice, and Medicare supplement insurers
  • Long term care insurance
  • Employer-sponsored group health plans
  • Government and church sponsored health plans
  • Multi-employer health plans


  • Other than these, even the health care clearing houses and business associates are covered by the HHS privacy rules.

    The law does permit the disclosure of information under serious circumstances concerning the life of the covered individual or some judicial and administrative proceedings, among other circumstances. As we too are covered by the privacy rule, you can rest assured that your health information will remain safe with us.