The Health Insurance Portability and Accountability Act (HIPAA) of 1996 specifies a series of administrative, physical and technical safeguards to assure
the confidentiality, integrity and availability of protected health information (PHI). Individuals, organizations and agencies that meet the definition of a covered
entity must comply with its rules to protect the privacy and security of all patient information. Any breach of confidentiality, such as improperly discarded documents,
must be reported to the authorities and, in cases involving over 500 records, to local media as well.

Under HIPAA law, every healthcare provider, including doctors, clinics, psychologists, dentists, chiropractors,
nursing homes, pharmacies and insurance providers, is required to prevent 
unauthorized access to PHI at all times.