HIPAA: Health Insurance Portability and Accountability Act of 1996 - Primary federal legislation governing the protection of medical information and patient privacy in the United States
HITECH Act: Health Information Technology for Economic and Clinical Health Act - Expands and strengthens HIPAA privacy and security protections, particularly for electronic health records
Privacy Rule: 45 CFR Part 160 and Subparts A and E of Part 164 - Establishes national standards for the protection of individuals' medical records and other personal health information
Security Rule: 45 CFR Part 160 and Subparts A and C of Part 164 - Sets national standards for securing electronic protected health information
Enforcement Rule: 45 CFR Part 160 - Establishes procedures for the imposition of civil money penalties for HIPAA violations
State Privacy Laws: Individual state laws and regulations that may impose additional or more stringent requirements than federal HIPAA regulations
42 CFR Part 2: Federal regulations specifically governing confidentiality of substance use disorder patient records
GINA: Genetic Information Nondiscrimination Act - Prohibits discrimination based on genetic information in health insurance and employment
Mental Health Privacy: Special provisions and additional protections for mental health records, which may vary by state
Minor Health Information: Specific requirements and protections for handling health information of minors, including consent requirements
Clinical Research Regulations: Additional requirements for handling PHI in clinical research settings, including IRB approval and specific consent requirements
FDA Requirements: Food and Drug Administration regulations that may apply to health information in contexts involving FDA-regulated products or studies
