Who Enforces HIPAA Standards?

Who enforces HIPAA standards? The Health and Human Services (HHS) Office for Civil Rights enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information, and the HIPAA Security Rule, which sets national standards for the security of electronic protected health information.

The Office of E-Health Standards and Services within the Centers for Medicare & Medicaid Services (CMS) enforces HIPAA administrative simplification provisions. This includes transactions and code sets, and national identifiers. CMS also enforces the insurance portability requirements under Title I of HIPAA. 

Content reviewed: 3/2/2007

NOTICE: The Texas Medical Association provides this information with the express understanding that 1) no attorney-client relationship exists, 2) neither TMA nor its attorneys are engaged in providing legal advice and 3) that the information is of a general character. This is not a substitute for the advice of an attorney. While every effort is made to ensure that content is complete, accurate and timely, TMA cannot guarantee the accuracy and totality of the information contained in this publication and assumes no legal responsibility for loss or damages resulting from the use of this content. You should not rely on this information when dealing with personal legal matters; rather legal advice from retained legal counsel should be sought. 

TMA Practice E-tips main page 

Last Updated On

January 24, 2013

Related Content