This review provides a summary of the patient information privacy and security policy. Covered entities are entrusted with the responsibility to safeguard the integrity of patient information, with a particular emphasis on protecting Protected Health Information (PHI). HIPAA's rules play a crucial role in ensuring the protection of PHI through strict enforcement. The review also highlights certain limitations to the HIPAA rules. Furthermore, an assessment of the patient information privacy and security policy is conducted using the "Five E Model" of policy analysis.

Keywords: Policy, PHI, HIPPA, HITECH, privacy rule, security rule

DOI: 10.7176/JHMN/112-03

Publication date: December 31^st 2023