CIPP-US - Limits on Private-Sector Collection and Use of Data - Section 2.2

Explain HIPAA's Privacy Rule and Security Rule requirements, permissible uses and disclosures, and the HITECH Act's breach notification obligations.

Describe the HIPAA Privacy Rule's framework for permissible uses and disclosures of protected health information (PHI) by covered entities and business associates, and the Security Rule's administrative, physical, and technical safeguards for electronic PHI. Apply HITECH breach notification requirements to determine when and to whom a covered entity must report an impermissible disclosure.

Examworthy is not affiliated with or endorsed by IAPP. Original, blueprint-aligned practice material only.