The Miracle of God Foundation welcomes residents of all races and backgrounds, helping them get back on track and adjust to daily life. Please look at our site for information about our services, facilities and who can join our family of those who have recovered.

HIPAA Privacy Rule

The Privacy Rule standards address the use and disclosure of individuals’ health information (known as “protected health information”) by entities subject to the Privacy Rule. These individuals and organizations are called “covered entities.” The Privacy Rule also contains standards for individuals’ rights to understand and control how their health information is used. The Privacy Rule's major goal is to ensure that individuals’ health information is properly protected while allowing the flow of health information needed to provide and promote high-quality health care and protect the public’s health and well-being. The Privacy Rule strikes a balance that permits important uses of information while protecting the privacy of people who seek care and healing.

HIPAA Security Rule

While the HIPAA Privacy Rule safeguards protected health information (PHI), the Security Rule protects a subset of information covered by the Privacy Rule. This subset is all individually identifiable health information a covered entity creates, receives, maintains, or transmits in electronic form. This information is called “electronically protected health information” (e-PHI). The Security Rule does not apply to PHI transmitted orally or in writing.

To comply with the HIPAA Security Rule, all covered entities must do the following:

  • Ensure the confidentiality, integrity, and availability of all electronically protected health information

  • Detect and safeguard against anticipated threats to the security of the information

  • Protect against anticipated, impermissible uses or disclosures

  • Certify compliance by their workforce

Covered entities should rely on professional ethics and best judgment when considering requests for these permissive uses and disclosures. The HHS Office for Civil Rights enforces HIPAA rules, and all complaints should be reported to that office. HIPAA violations may result in civil monetary or criminal penalties.

For more information, visit the Department of Health and Human Services HIPAA website external icon.