Office of Administrative Counsel & Rules
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
What is HIPAA?
The Title II provisions of HIPAA, known as the Administrative Simplification regulations, mandate:
- National privacy standards for the creation, use, disclosure, and retention of patient identifiable health information; and
- Data security and integrity requirements for the maintenance and transmission of patient information.
For more HIPAA details, visit the U.S. Department of Health and Human Services Office for Civil Rights (OCR) website.
HIPAA at ADHS
ADHS Customers and Members of the Public
ADHS is not authorized to provide individual information regarding HIPAA complaints or concerns that do not relate to ADHS activities. For HIPAA complaints or concerns that pertain to entities such as doctors, hospitals, and health care providers not related to ADHS activities, please contact your doctor, hospital, or health care provider, the OCR, and/or go to Non-ADHS HIPAA Complaints.
HIPAA Designation for ADHS
For HIPAA purposes, the ADHS is designated as a hybrid entity. This denotes that ADHS has both HIPAA covered components and non-covered components. Only the designated covered components within ADHS are required to comply with HIPAA, although HIPAA also impacts non-covered components. Our designated HIPAA covered components are: Arizona State Hospital, Arizona Community Protection and Treatment Center, and Behavioral Health Services.
ADHS HIPAA Covered Components & Notices of Privacy Practices (NPPs)
ADHS HIPAA covered components must provide NPPs to each client. The NPPs inform the client about the uses and disclosures of their protected health information and their rights regarding their information. In accordance with HIPAA, ADHS reserves the right to modify our NPPs. ADHS' modified NPPs are available through the ADHS HIPAA covered component links below.