Great HIPAA Resource

This guide spells out in very simple terms the basics of privacy, security and breach notification for covered entities.

Risk Management

Great HIPAA Resource

Have the terms "simple" and "HIPAA" ever been used in the same sentence? Surprisingly, this seven-page guide spells out in very simple terms the basics of privacy, security and breach notification for covered entities.


The guide clearly defines the:

  • Privacy Rule and the definition of PHI
  • Security Rule and how policies and procedures should be developed and implemented
  • Breach Notification Rule and timelines relating to individuals, HHS, and the media.

It also provides a breakdown of who must comply with HIPAA rules, explaining the concepts of covered entities and business associates. The guide also gives an example of a settlement of a case and a criminal prosecution of a case, and links to additional information on the enforcement process.

Read the article now


The information in the NCMIC Learning Center is offered solely for general information and educational purposes. It is not offered as, nor does it represent, legal or professional advice. Neither does this information constitute a guideline, practice parameter or standard of care. You should not act or rely upon this information without seeking the advice of an attorney familiar with the specific legal requirements of the state(s) in which you practice. If there is a discrepancy between the site and an insurance policy you have with NCMIC, the policy will prevail.