Skip subpage navigation
The Health Insurance Portability and Accountability Act applies to your protected health information. Your PHI is any information that:
- Identifies you;
- Is about your health or demographics;
- Is maintained by a covered entity or business associate; and
- Is related to your treatment, your medical condition, and the related payment for that condition as maintained by a covered entity or business associate.
The DHA Privacy and Civil Liberties Office helps the Military Health System comply with the following HIPAA Rules:
- The HIPAA Privacy Rule defines how your PHI should be safeguarded, limits when it can be used and disclosed without your authorization, and ultimately gives you some control over your own PHI.
- The HIPAA Security Rule defines how your PHI should be protected and transferred when maintained electronically.
- The HIPAA Breach Notification Rule defines when your PHI has been inappropriately used or disclosed (see Breaches of PII and PHI page) and describes the breach response obligations of a covered entity.
The Chief of the DHA Privacy Office is the appointed HIPAA Privacy Officer and HIPAA Security Officer, and has authority over the HIPAA Privacy and Security programs at DHA.
For more information DHA’s HIPAA compliance program, please read the DHA’s HIPAA Privacy and HIPAA Security Core Tenets Policy Statement.
You are leaving Health.mil
The appearance of hyperlinks does not constitute endorsement by the Department of Defense of non-U.S. Government sites or the information, products, or services contained therein. Although the Defense Health Agency may or may not use these sites as additional distribution channels for Department of Defense information, it does not exercise editorial control over all of the information that you may find at these locations. Such links are provided consistent with the stated purpose of this website.
You are leaving Health.mil
View the external links disclaimer.
Last Updated: July 10, 2024