hipaa-privacy-rule

Installation
SKILL.md

HIPAA Privacy Rule — 45 CFR §164.500-534

Overview

The HIPAA Privacy Rule establishes national standards for the protection of individually identifiable health information — Protected Health Information (PHI) — held by covered entities and their business associates. Enacted under the Health Insurance Portability and Accountability Act of 1996 and finalized in the Privacy Rule of 2000 (with major modifications in 2002 and 2013 under HITECH/Omnibus), the rule balances patient privacy rights with the practical needs of healthcare delivery. The Privacy Rule applies to health plans, healthcare clearinghouses, and healthcare providers who transmit any health information electronically in connection with a HIPAA-covered transaction.

Covered Entities and Business Associates

Who Is a Covered Entity

Under 45 CFR §160.103, covered entities include:

Entity Type Definition Examples
Healthcare Provider Any provider who transmits health information electronically in connection with a covered transaction Hospitals, physician practices, pharmacies, laboratories, dentists, chiropractors
Health Plan Individual or group plan that provides or pays for medical care Health insurers, HMOs, employer-sponsored health plans, government programs (Medicare, Medicaid, TRICARE)
Healthcare Clearinghouse Entity that processes nonstandard health information into standard format Billing services, repricing companies, community health management information systems

Asclepius Health Network Example

Installs
8
GitHub Stars
187
First Seen
May 26, 2026
hipaa-privacy-rule — mukul975/privacy-data-protection-skills