Clients Rate Lawyers on our Platform 4.9/5 Stars
based on 4,876 reviews

Jump to Section

Need help with a Power of Attorney?

Post Project Now

Post Your Project (It's Free)

Get Bids to Compare

 Hire Your Lawyer

HIPAA Law (Health Insurance Portability and Accountability Act) is a federal law protecting sensitive health information or Protected Health Information (PHI).

Essentials of HIPAA Law

In today's world, data privacy is more important than ever. As technology usage has grown in healthcare, so must ensure that patients' personal health information (PHI) is kept confidential. That's where HIPAA comes in. HIPAA, or the Health Insurance Portability and Accountability Act, is a federal law that sets standards for protecting the privacy and security of PHI.

The HIPAA law includes various rules to safeguard the privacy and security of PHI, including the HIPAA Privacy Rule, the HIPAA Security Rule, and the HIPAA Enforcement Rule. The Privacy Rule sets national standards for protecting the privacy of individuals' PHI, including written, oral, and electronic forms of PHI. It also establishes patients' rights regarding their health information. The Security Rule establishes national standards for protecting electronic PHI's confidentiality, integrity, and availability. The Enforcement Rule establishes procedures for investigating and enforcing HIPAA violations.

HIPAA applies to covered entities, including most healthcare providers, health plans, healthcare clearinghouses, and business associates. Covered entities must comply with HIPAA's privacy and security rules, which outline the steps to protect PHI. Penalties for HIPAA violations can be significant, ranging from fines to criminal charges.

Overall, HIPAA is an important law that helps protect patient health information's privacy and security, ensuring that sensitive information remains confidential and is only shared with authorized individuals and organizations.

HIPAA was enacted in 1996, primarily as a response to the growing use of electronic healthcare transactions. The law has several goals, including:

  • Ensuring that patients' health information is kept private and secure
  • Making it easier for patients to keep their health insurance when they change jobs or become unemployed
  • Simplifying healthcare administrative transactions

HIPAA applies to covered entities, which includes most healthcare providers, health plans, and healthcare clearinghouses. These entities must comply with HIPAA's privacy and security rules, which outline the steps they must take to protect PHI.

HIPAA Privacy Rules

The HIPAA Privacy Rule sets national standards for protecting the privacy of individuals' PHI. The rule applies to all forms of PHI, including written, oral, and electronic. It also establishes patients' rights regarding their health information.

Some of the key provisions of the HIPAA Privacy Rule include:

  • Requiring covered entities to obtain written consent from patients before using or disclosing their PHI, except in certain situations (such as for treatment, payment, or healthcare operations)
  • Giving patients the right to access and obtain a copy of their PHI
  • Allowing patients to request that their PHI be corrected if it is inaccurate
  • Requiring covered entities to implement reasonable administrative, physical, and technical safeguards to protect PHI.
Meet some lawyers on our platform

Zachary J.

84 projects on CC
View Profile

Matthew S.

10 projects on CC
View Profile

Bruce B.

24 projects on CC
View Profile

O.T. W.

1 project on CC
View Profile

Advantages of the HIPAA Law

  • Protecting Patient Privacy

    The primary advantage of HIPAA is that it protects patients' health information privacy. HIPAA sets national standards for handling sensitive health information, ensuring that individuals' personal and medical details are not disclosed to unauthorized individuals or organizations.

  • Streamlining Healthcare Transactions

    HIPAA also aims to simplify healthcare transactions by mandating standard formats for electronic healthcare transactions, making it easier and more efficient for patients to change healthcare providers and obtain health insurance.

  • Ensuring the Security of Health Information

    HIPAA not only requires that health information be kept private but also mandates that covered entities implement technical, physical, and administrative safeguards to ensure the security of health information, including electronic health records.

  • Promoting Interoperability

    HIPAA promotes the exchange of health information between healthcare providers and organizations, leading to better-coordinated patient care and improved health outcomes.

  • Enforcing Penalties for Violations

    HIPAA has penalties for non-compliance with its privacy and security rules, which can deter covered entities from mishandling health information and provide a way to hold violators accountable.

Overall, HIPAA helps ensure that sensitive health information is kept private and secure while promoting more efficient and coordinated healthcare delivery. It also provides a framework for enforcing penalties for violations, which can encourage covered entities to take their responsibilities for protecting patient information more seriously.

HIPAA Security Rules

The HIPAA Security Rule complements the Privacy Rule by establishing national standards for protecting electronic PHI's confidentiality, integrity, and availability. Covered entities that create, receive, maintain, or transmit electronic PHI must comply with the Security Rule. The Security Rule sets out three categories of security safeguards that covered entities must implement:

  • Administrative safeguards, which include policies and procedures for managing the selection, development, implementation, and maintenance of security measures
  • Physical safeguards, which involve measures such as facility access controls, workstation security, and device and media controls
  • Technical safeguards, which cover the technology and mechanisms used to protect electronic PHI, such as access controls, encryption, and audit controls

HIPAA Enforcement Rules

The HIPAA Enforcement Rule establishes procedures for investigating and enforcing HIPAA violations. The rule gives the Department of Health and Human Services (HHS) the authority to investigate complaints, conduct compliance reviews, and impose penalties for non-compliance.

Penalties for HIPAA violations can be significant. For example, violations due to willful neglect can result in fines of up to $50,000 per violation, with an annual cap of $1.5 million. Besides, HIPAA regulations still apply to telehealth, meaning healthcare providers must protect patients' PHI during telehealth visits and relax some of the HIPAA requirements for telehealth. However, these waivers are only in effect for the public health emergency, and covered entities are still expected to comply with HIPAA to the greatest extent possible.

Key Terms

  • Company Associates: Company associates are third-party entities that conduct services for covered entities and have entry to PHI. Examples include medical billing companies, IT providers, and consultants.
  • Covered Entities: Covered entities are people, institutions, or companies required to comply with HIPAA rules. These comprise health plans, healthcare providers, and healthcare clearinghouses.
  • Privacy Rule: The Privacy Rule establishes national benchmarks for safeguarding people's PHI held by covered entities and their enterprise associates.
  • Minimum Necessary Rule: The minimum necessary rule mandates covered entities to restrict PHI's use, disclosure, and request to the minimum necessary to achieve the planned purpose.


The HIPAA law is an essential federal regulation that aims to protect the privacy and security of patients' sensitive health information. It sets national standards for how healthcare providers, health plans, and healthcare clearinghouses handle PHI, including electronic health records. HIPAA has many advantages, including protecting patient privacy, ensuring the security of health information, simplifying healthcare transactions, promoting interoperability, and enforcing penalties for violations. By following HIPAA's privacy and security rules, covered entities can help maintain patients' trust and promote better healthcare outcomes.

HIPAA is a crucial law field that has greatly contributed to protecting sensitive health information and will continue to be an important aspect of healthcare for years to come. In addition to its primary goal of protecting patient privacy and securing sensitive health information, the HIPAA law has also helped improve the efficiency and coordination of healthcare. Its standardization of electronic healthcare transactions has made it easier for patients to change providers, obtain insurance, and access their health information.

If you are looking to get free pricing proposals from vetted lawyers that are 60% less than typical law firms, you can click here to get started. By comparing multiple proposals for free, you can save the time and stress of finding a quality lawyer for your business needs.

How ContractsCounsel Works
Hiring a lawyer on ContractsCounsel is easy, transparent and affordable.
1. Post a Free Project
Complete our 4-step process to provide info on what you need done.
2. Get Bids to Review
Receive flat-fee bids from lawyers in our marketplace to compare.
3. Start Your Project
Securely pay to start working with the lawyer you select.

Meet some of our Lawyers

Erdal T. on ContractsCounsel
View Erdal
5.0 (1)
Member Since:
September 15, 2022

Erdal T.

Owner, CEO and Managing Attorney
Free Consultation
New Jersey
17 Yrs Experience
Licensed in NJ, NY
New York Law School

Erdal Turnacioglu of Erdal Employment Law focuses on providing employment solutions to both employees and businesses, whether through litigation, review of employee handbooks, workplace investigations, or training seminars.

Charlton M. on ContractsCounsel
View Charlton
5.0 (6)
Member Since:
September 19, 2022

Charlton M.

Free Consultation
Dallas, TX
9 Yrs Experience
Licensed in TX
University of St. Thomas School of Law

Charlton Messer helps businesses and their owners with general counsel and contract drafting services. He has helped over 500 businesses with their legal needs across a variety of industries in nearly a decade of practice.

Dan "Dragan" I. on ContractsCounsel
View Dan "Dragan"
5.0 (3)
Member Since:
September 21, 2022

Dan "Dragan" I.

Managing Attorney
Free Consultation
Chicago, Illinois
24 Yrs Experience
Licensed in IL
University of Illinois College of Law

I received a bachelor’s degree in philosophy from Northwestern University in 1996 and then got my JD at University of Illinois College of Law where in 1999. I have been a lawyer helping people with legal issues in the United States and Internationally since then. That includes litigation as well as contracts/transactions. I am currently licensed and authorized to practice before the Illinois courts and the United States’ District Court for the Northern District of Illinois. Internationally I am one of a select few American attorneys licensed and authorized to practice before the United Nations ICTY/IRMCT, the International Criminal Court, and the State Court of Bosnia-Herzegovina. Clients have retained me internationally to alongside local counsel in several European countries, as well as Australia and Africa in private legal matters. I also have been appointed by the United Nations to represent persons at the ICTY/IRMCT in addition to being chosen by indigent accused to represent them. Since 2009 my law firm has handled domestic and international cases, including Trial litigation (including Commercial, Premises Liability, Personal Injury, Criminal Defense, and General Litigation), as well as Transactional work (Contracts, Corporate formation, and Real Estate Transactions). I have been honored for my work by my peers who voted for me, and I served as President of the ADC-ICT (the Official Bar Association of Practitioners before the UN ICTY and UN IRMCT in The Hague) previously, and now am serving a term on the Executive Board. I also am elected to serve key roles in the ICCBA (that is the bar association at the International Criminal Court in The Hague). I enjoy helping less experienced practitioners and students evolve and improve. I served as an instructor/lecturer on Oral Advocacy and Trial Practice for the participants of the ADC-ICT & ICLB Mock Trial since 2014, and has presented Advocacy Training lectures for the ADC-ICT on several topics as well as regularly lecturing to visiting University and Bar groups from around the world. If you or a loved one have a legal matter of importance, let's see if I can help you with it!

Justin K. on ContractsCounsel
View Justin
5.0 (8)
Member Since:
September 22, 2022

Justin K.

Freelance Attorney
Free Consultation
Valencia, CA
20 Yrs Experience
Licensed in CA
University of Southern California School of Law

I have been practicing law exclusively in the areas of business and real estate transactions since joining the profession in 2003. I began my career in the Corporate/Finance department of Sidley's Los Angeles office. I am presently a solo practitioner/freelancer, and service both business- and attorney-clients in those roles.

Ryenne S. on ContractsCounsel
View Ryenne
4.9 (120)
Member Since:
October 11, 2022

Ryenne S.

Principal Attorney
Free Consultation
Chicago, IL
13 Yrs Experience
Licensed in IL
DePaul University College of Law

My name is Ryenne Shaw and I help business owners build businesses that operate as assets instead of liabilities, increase in value over time and build wealth. My areas of expertise include corporate formation and business structure, contract law, employment/labor law, business risk and compliance and intellectual property. I also serve as outside general counsel to several businesses across various industries nationally. I spent most of my early legal career assisting C.E.O.s, General Counsel, and in-house legal counsel of both large and smaller corporations in minimizing liability, protecting business assets and maximizing profits. While working with many of these entities, I realized that smaller entities are often underserved. I saw that smaller business owners weren’t receiving the same level of legal support larger corporations relied upon to grow and sustain. I knew this was a major contributor to the ceiling that most small businesses hit before they’ve even scratched the surface of their potential. And I knew at that moment that all of this lack of knowledge and support was creating a huge wealth gap. After over ten years of legal experience, I started my law firm to provide the legal support small to mid-sized business owners and entrepreneurs need to grow and protect their brands, businesses, and assets. I have a passion for helping small to mid-sized businesses and startups grow into wealth-building assets by leveraging the same legal strategies large corporations have used for years to create real wealth. I enjoy connecting with my clients, learning about their visions and identifying ways to protect and maximize the reach, value and impact of their businesses. I am a strong legal writer with extensive litigation experience, including both federal and state (and administratively), which brings another element to every contract I prepare and the overall counsel and value I provide. Some of my recent projects include: - Negotiating & Drafting Commercial Lease Agreements - Drafting Trademark Licensing Agreements - Drafting Ambassador and Influencer Agreements - Drafting Collaboration Agreements - Drafting Service Agreements for service-providers, coaches and consultants - Drafting Master Service Agreements and SOWs - Drafting Terms of Service and Privacy Policies - Preparing policies and procedures for businesses in highly regulated industries - Drafting Employee Handbooks, Standard Operations and Procedures (SOPs) manuals, employment agreements - Creating Employer-employee infrastructure to ensure business compliance with employment and labor laws - Drafting Independent Contractor Agreements and Non-Disclosure/Non-Competition/Non-Solicitation Agreements - Conducting Federal Trademark Searches and filing trademark applications - Preparing Trademark Opinion Letters after conducting appropriate legal research - Drafting Letters of Opinion for Small Business Loans - Drafting and Responding to Cease and Desist Letters I service clients throughout the United States across a broad range of industries.

Tina T. on ContractsCounsel
View Tina
Member Since:
October 1, 2022

Tina T.

Free Consultation
New Mexico
1 Yr Experience
Licensed in NM
Arizona Summit Law School

I am a New Mexico licensed attorney with many years of world experience in real estate, transactional law, social security disability law, immigration law, consumer law, and estate planning.

Brent W. on ContractsCounsel
View Brent
Member Since:
December 27, 2022

Brent W.

Free Consultation
Atlanta, GA
16 Yrs Experience
Licensed in GA
Cumberland School of Law

Brent has been in practice since 2007 and been the principal attorney and owner of The Walker Firm, LLC since 2014. Brent focuses on providing an array of general counsel services to individuals and companies in a variety of industries.

Sarah S. on ContractsCounsel
View Sarah
Member Since:
September 22, 2022

Sarah S.

Free Consultation
3 Yrs Experience
Licensed in OK
University of Tulsa College of Law

I have a background in Criminal Law, Family Law, Contract Law, and Environmental Law. I also have five (5) degrees in the following: Here are my degrees and background: 1) B.S. in Environmental, Soil, and Water Sciences 2) A.S. in Pre-Medical Sciences (anatomy, physiology, medical terminology) 3) A.S. in Aircraft Non-Destructive Inspection (science of x-rays, cracks in metal, liquid penetrant, magnetic particle inspections, ultrasonic inspections, and spectrophotometric oil analysis) 4) Master's in Natural Resources Law Studies (1 year focus in the environmental and pollution laws (Hazardous Waste Laws such as RCRA, CERCLA, FIFRA, Natural Resource laws such as ESA, CWA, CAA, FWPCA, Environmental Law, Sustainable Development, and Global Climate Change issues) 5) Juris Doctor and certificate in Native American Law

James G. on ContractsCounsel
View James
Member Since:
September 22, 2022

James G.

Free Consultation
Glendale, Arizona
8 Yrs Experience
Licensed in AZ
Arizona Summit School of Law

I am a lawyer in Glendale, Arizona. I have practiced in contract work including buy/sell agreements, contracts for the purchase of goods and services and real estate. I also practice in bankruptcy law and sports and entertainment law.

Gregory D. on ContractsCounsel
View Gregory
Member Since:
September 30, 2022

Gregory D.

Attorney at Law
Free Consultation
Wake Forest, NC
3 Yrs Experience
Licensed in NC
Norman Adrian Wiggins School of Law at Campbell University

Gregory S. Davis is a native of New York and is a graduate of the Norman Adrian Wiggins School of Law at Campbell University. He also holds an undergraduate degree in Economics from the Wharton School at the University of Pennsylvania and an MBA from Bowie State University. Prior to entering the practice of law, Greg was a Trust officer for one of the largest U.S. Banks, an adjunct professor of finance at Meredith College and a Series 7 licensed financial advisor. Greg is currently the owner of The Law Office of Gregory S. Davis, PLLC (gsdavislaw.com) focusing on Estate Planning, Real Estate and Business Law. Greg is also an adjunct professor of Business Law at Wake Tech.

Find the best lawyer for your project

Browse Lawyers Now

Want to speak to someone?

Get in touch below and we will schedule a time to connect!

Request a call