Skip to site content

California Area Office logoCalifornia Area Office

Health Insurance Portability and Accountability Act (HIPAA)

Health Insurance Portability and Accountability Act (HIPAA)

All facilities that provide patient care or provide referrals for patient care are subject to the privacy and security rules of the Health Insurance Portability and Accountability Act (HIPAA). HIPAA changes the way health care staff must protect the privacy of a patient's health information and contains security procedures that must be followed to protect the integrity of a patient's health information. The following areas will provide you with information on the specifics of HIPAA and how your facility can comply with the requirements of this law.

Guide to Privacy and Security of Electronic Health Information (Link to non-IHS PDF) Exit Disclaimer: You Are Leaving  The Official site for Health IT

HIPAA Reminders Email message sent to Tribal Health Program staff on September 12, 2014, discussing relevnat prior HIPAA news articles and deadlines for compliance.

HITECH Modifications to HIPAA Rule  Email message sent to Tribal Health Program staff on September 4, 2013, discussing the modifications to the HIPAA Rule.

IHS HIPAA Compliant Forms/Policies and Procedures will allow you to view and download the HIPAA compliant forms that have been developed by the Indian Health Service for use in Federal facilities. Tribal and Urban facilities are encouraged to modify these forms as appropriate for local use in conjunction with the organizations legal counsel.

IHS HIPAA FAQs Here you will find a listing of the more common questions asked regarding HIPAA and how it relates to Indian Health. Specific questions that are not addressed on this site can be directed to Marilyn Freeman (, HIPAA Privacy Officer for the California Area.

IHS HIPAA Training Here you can find resources to provide HIPAA privacy training for your staff. Materials are available to download to conduct training for a larger group, or an individual can create a log on, complete the course and have a certificate available for their personnel file

IHS HIPAA Update Here you can find the most current versions of the rules, governed by HIPAA, as they relate to electronic transactions standards, privacy of health information, security standards for health information, as well as the proposed rules for the National Provider Identification and Facility Identification Codes. Links to various other HIPAA related subject matter is also available on this page.

Sanction Guidelines for Privacy and Security Violations (2013 update) Exit Disclaimer: You Are Leaving This practice brief is intended to bring awareness for a united industry message of the seriousness regarding the handling of violations by workforce members.