USC Office of Compliance

HIPAA Security Rule Overview

The HIPAA Security Rule, which went into effect as of April 21, 2005, requires covered entities like USC to have in place administrative, technical and physical safeguards to protect the confidentiality, integrity and availability of all identifiable health information maintained in electronic form.

This includes any information relating to: (1) an individual's past, present or future physical or mental health or condition; (2) the provision of health care to an individual; or (3) payment for the provision of health care to an individual.