HIPAA or Helath Insurance Portability and Accountability Act Title II was enacted in 1996 by the US Congress and contains two rules:  Privacy Rule and Securtiy Rule.  Under HIPAA, the Department of Health and Human Services (HHS) are required to establish national standards for electronic health care transactions and national identifiers for not only providers, but for health plans and employers.

The HIPAA Privacy rule protects personal health information held by covered entities and gives patienst an array of rights with respect to their information, while the Security Rule has a series of 7 safeguards:  administrative, physical, technical, policy and procedures requirements, risk analysis and risk management, and security standards that gives broad guidelines into the steps required to protect personal health information or PHI

If a health center fails to cooperate they face fines of $50,000(minimum) a day with an annual maximum of $1,500,000 for the same violations.

For more information on HIPAA click here.