American Academy of Family Physicians
Home Page > Practice Mgmt > Regulatory Compliance > HIPAA > HIPAA Privacy > Do state privacy laws override HIPAA?

Search
 
Advanced Search

About UsNews & PublicationsMembersCME CenterClinical & ResearchPractice MgmtPolicy & AdvocacyCareers

Printer-friendly Version

Email this Page

Do state privacy laws override HIPAA?

No. The HIPAA privacy rule is much more formal than the patient confidentiality laws physicians have traditionally adhered to. State law should only be followed:
  • when it is more stringent than federal law,
  • or it provides for the reporting of disease or injury, child abuse, birth, or death,
  • or for public health surveillance, investigation, or intervention, or requires certain health plan reporting, such as for management or financial audits.
For more information on the relationship between HIPAA and state privacy laws, see 45 C.F.R. Part 160, Subpart B, for specific requirements related to preemption of State law. An unofficial version of the Privacy Rule (55-page PDF file; About PDFs) and the preemption requirements may be accessed on the Health and Human Services web site.

Copyright © 2008 American Academy of Family Physicians
Home | Privacy Policy | Contact Us | My Academy
Members | Residents | Students | Patients | Media Center
RSS RSS | POD Podcasts

HIPAA Privacy

Who must comply with HIPAA privacy standards?

Do state privacy laws override HIPAA?

What is Protected Health Information (PHI)?

May I share de-identified health information?

Must the patient authorize every release of PHI?

Shop Catalog