Privacy Domain

Purpose

Addresses the privacy concerns of citizens and agencies with well-defined roles, policies, procedures and technologies. In addition, the Privacy domain addresses all state and federal laws related to privacy issues such as the distribution, availability, notification or permission to distribute and privacy violation notification. The privacy discipline focuses on the prevention of unauthorized viewing and/or acquisition of information about a person, case, or other classified activitiy.

The Privacy Domain includes the following subsections:

Health Insurance Portability and Accountability Act (HIPAA)
The HIPAA of 1996 required that regulations be developed to implement a comprehensive federal law to protect individually identifiable health care information. The final regulations, entitled Standards for Privacy of Individually Identifiable Health Information, were published on December 28, 2000, became effective on April 14, 2001 and amended on August 14, 2002. Most covered entities, including the Department, have to comply with the requirements by April 14, 2003. The federal regulations create national standards to protect medical records and other protected health information. The privacy rule sets a minimum standard of safeguards of protected health information.

Policy

Procedures