HIPAA Privacy Rule
E698612
The HIPAA Privacy Rule is a U.S. federal regulation that sets national standards for protecting individuals’ medical records and other personal health information held by covered entities and their business associates.
All labels observed (2)
| Label | Occurrences |
|---|---|
| HIPAA Privacy Rule canonical | 4 |
| Privacy Rule | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T7847185 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: HIPAA Privacy Rule Context triple: [HIPAA Breach Notification Rule, relatedTo, HIPAA Privacy Rule]
-
A.
HIPAA Security Rule
The HIPAA Security Rule is a U.S. federal regulation that sets national standards for protecting the confidentiality, integrity, and availability of electronic protected health information through administrative, physical, and technical safeguards.
-
B.
HIPAA Breach Notification Rule
The HIPAA Breach Notification Rule is a U.S. federal regulation that requires covered entities and their business associates to notify affected individuals, regulators, and sometimes the media when unsecured protected health information is compromised.
-
C.
HIPAA Enforcement Rule
The HIPAA Enforcement Rule is a federal regulation that establishes the procedures and penalties for investigating, determining, and enforcing violations of the HIPAA privacy and security requirements.
-
D.
Health Insurance Portability and Accountability Act
The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. federal law that sets national standards for protecting sensitive patient health information and improving the portability and continuity of health insurance coverage.
-
E.
HITECH Act
The HITECH Act is a U.S. law that promotes the adoption and meaningful use of electronic health records while strengthening health information privacy and security protections.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: HIPAA Privacy Rule Target entity description: The HIPAA Privacy Rule is a U.S. federal regulation that sets national standards for protecting individuals’ medical records and other personal health information held by covered entities and their business associates.
-
A.
HIPAA Security Rule
The HIPAA Security Rule is a U.S. federal regulation that sets national standards for protecting the confidentiality, integrity, and availability of electronic protected health information through administrative, physical, and technical safeguards.
-
B.
HIPAA Breach Notification Rule
The HIPAA Breach Notification Rule is a U.S. federal regulation that requires covered entities and their business associates to notify affected individuals, regulators, and sometimes the media when unsecured protected health information is compromised.
-
C.
HIPAA Enforcement Rule
The HIPAA Enforcement Rule is a federal regulation that establishes the procedures and penalties for investigating, determining, and enforcing violations of the HIPAA privacy and security requirements.
-
D.
Health Insurance Portability and Accountability Act
The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. federal law that sets national standards for protecting sensitive patient health information and improving the portability and continuity of health insurance coverage.
-
E.
HITECH Act
The HITECH Act is a U.S. law that promotes the adoption and meaningful use of electronic health records while strengthening health information privacy and security protections.
- F. None of above. chosen
Statements (57)
| Predicate | Object |
|---|---|
| instanceOf |
United States federal regulation
ⓘ
health privacy regulation ⓘ |
| administeredBy |
Office for Civil Rights (HHS OCR)
NERFINISHED
ⓘ
U.S. Department of Health and Human Services NERFINISHED ⓘ |
| amendedBy |
HITECH Act Omnibus Rule of 2013
NERFINISHED
ⓘ
Health Information Technology for Economic and Clinical Health Act NERFINISHED ⓘ |
| appliesTo |
business associates of covered entities
ⓘ
covered entities ⓘ |
| codifiedIn |
45 CFR Part 160
ⓘ
45 CFR Part 164 Subparts A and E ⓘ |
| complianceDateForMostCoveredEntities | April 14, 2003 ⓘ |
| complianceDateForSmallHealthPlans | April 14, 2004 ⓘ |
| definesTerm |
authorization
ⓘ
business associate ⓘ covered entity ⓘ disclosure ⓘ minimum necessary standard ⓘ protected health information ⓘ use ⓘ |
| effectiveDate | April 14, 2003 ⓘ |
| enforcedBy | HHS Office for Civil Rights NERFINISHED ⓘ |
| establishesStandard |
de-identification of health information
ⓘ
minimum necessary use and disclosure of protected health information ⓘ |
| grantsRightTo |
access to one’s own protected health information
ⓘ
receive a notice of privacy practices ⓘ receive an accounting of disclosures of protected health information ⓘ request amendment of protected health information ⓘ request confidential communications ⓘ request restrictions on certain uses and disclosures of protected health information ⓘ |
| jurisdiction |
United States of America
ⓘ
surface form:
United States
|
| partOf | Health Insurance Portability and Accountability Act NERFINISHED ⓘ |
| permitsDisclosureFor |
health care operations
ⓘ
health oversight activities ⓘ judicial and administrative proceedings ⓘ law enforcement purposes ⓘ payment ⓘ public health activities ⓘ research under specified conditions ⓘ treatment ⓘ workers’ compensation programs ⓘ |
| primaryPurpose | protect the privacy of individually identifiable health information ⓘ |
| relatedTo |
HIPAA Breach Notification Rule
NERFINISHED
ⓘ
HIPAA Security Rule NERFINISHED ⓘ |
| requires |
designation of a privacy official
ⓘ
implementation of administrative safeguards for privacy ⓘ implementation of physical safeguards for privacy ⓘ implementation of technical safeguards for privacy ⓘ mitigation of known harmful effects of improper uses or disclosures ⓘ notice of privacy practices for protected health information ⓘ policies and procedures for handling complaints ⓘ sanctions for workforce members who violate privacy policies ⓘ training of workforce members on privacy policies and procedures ⓘ written authorization for most uses and disclosures of protected health information not otherwise permitted ⓘ |
| setsStandardFor |
disclosure of protected health information
ⓘ
use of protected health information ⓘ |
| violationMayResultIn |
civil monetary penalties
ⓘ
corrective action plans ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: HIPAA Privacy Rule Description of subject: The HIPAA Privacy Rule is a U.S. federal regulation that sets national standards for protecting individuals’ medical records and other personal health information held by covered entities and their business associates.
Referenced by (5)
Full triples — surface form annotated when it differs from this entity's canonical label.