Skip to main content
HomeHIPAA Compliance PackageOmnibus RuleHITECH Act OverviewHIPAA Security RuleHIPAA Privacy Rule OverviewPurchase ProductsAbout / Contact Us
HIPAA Security Rule Overview 
The HIPAA Security Rule

On February 13, 2003, HHS Secretary Tommy G. Thompson announced the adoption of the Security and Transaction Modifications Final Rules (The HIPAA "Security Rule"). The security standards were published as a final rule in the February 20, 2003 Federal Register with an effective date of April 21, 2003. Most covered entities will have two full years (until April 21, 2005) in order to comply with the standards.

Under the Security Rule, health insurers, certain health care providers, and health care clearinghouses must establish procedures and mechanisms to protect the confidentiality, integrity and availability of electronic protected health information. The Security Rule requires covered entities to implement administrative, physical and technical safeguards to protect electronic protected health information in their care.

The Security Rule works in concert with the Privacy Rulerivacy adopted by HHS last year and scheduled to take effect for most covered entities on April 14. The two sets of standards use many of the same terms and definitions in order to make it easier for covered entities to comply.

Feel free to contact us with questions.

Phone: 585.202.6655