The HIPAA Security Rule went into effect on April 20, 2005. It secures the confidentiality of patients' electronic health data by regulating:
- How electronic protected health information (ePHI) is used
- To whom ePHI is disclosed
- How and where ePHI is maintained
ePHI includes all physical and mental health information, payment information, and demographic information stored in an electronic format. Some examples of ePHI include:
- Workstations
- Laptops
- Tablets
- Mobile devices
- USB drives
- Cloud storage
- Email messages