The Privacy Rule: HIPAA standards for the privacy of individually identifiable health information.

The main objective of the HIPAA Privacy Rule is to provide a uniform and simplified minimum standard for the privacy of individually identifiable health information. Five broad categories are covered: boundaries, security, consumer control, accountability and public responsibility. Compliance with the Privacy Rule includes appointing a security official, making some basic assessments about a fund's current policies and procedures, assessing security protocols for network systems, developing a participant complaint mechanism and creating an internal grievance procedure for employer action and employee whistle-blowing. At this writing, although the final standards are still under debate, most health care plans should accept the regulation and begin compliance procedures. Successful implementation of the Privacy Rule can streamline fund operations and give participants the added security and peace of mind they demand.