skip navigation Smaller text size Reset text size Larger text size
Families & Children Women Teens Adults Seniors People with Disabilities
DHHS Home > Office of Operations Support >
Health Insurance Portability & Accountability Act
The US Congress passed the Health Insurance Portability and Accountability Act (HIPAA), Public Law 104-191, in 1996. This law addresses a variety of issues related to health care. HIPAA required the US Department of Health and Human Services to adopt standards regarding the electronic exchange, privacy, and security of health information. Collectively, these three sets of regulations are known as the "Administrative Simplification" provisions of HIPAA.

The HIPAA Privacy Rule sets standards with respect to the rights of individuals to their health information, procedures for exercising those rights, and the authorized and required uses and disclosures of such information. The Privacy Rule defines what information needs to be protected and who, is authorized to access the protected health information, and delineates individuals' rights to control and access their own protected information.

The security standards in HIPAA were developed for two primary purposes. First, and foremost, the implementation of appropriate security safeguards protects certain electronic health information that may be at risk. Second, protecting an individual's health information, while permitting the appropriate access and use of that information, ultimately promotes the use of electronic health information in the industry – an important goal of HIPAA.

The Office of Civil Rights (OCR) within the US Department of HHS oversees and enforces the Privacy and Security Rule.

HIPAA guarantees individuals the right to access and request amendment of their protected health information and to request an accounting of disclosures of PHI. Contact the Privacy Officer for the NH Department of Health & Human Services with questions regarding these rights.

HIPAA requires the Department's direct care providers to give individuals copies of the Department's standardized Notice of Privacy Practices, and to make good-faith efforts to obtain an acknowledgment of receipt.

'The NH Department of Health and Human Services Privacy Officer is responsible for the implementation of HIPAA policies and procedures required by federal and state law. The Privacy Officer also monitors, reviews, and investigates activities within DHHS to assure compliance with HIPAA.

Translate this page


New Hampshire Department of Health and Human Services
129 Pleasant Street | Concord, NH | 03301-3852

copyright 2016. State of New Hampshire