DPH is subject to the Fair Information Practices Act (FIPA), a state law enacted to ensure the privacy of all personal data held by state agencies. In addition, some of DPH's programs are required to comply with HIPAA (Health Insurance Portability and Accountability Act) and others are subject to different state or federal privacy laws.
DPH is a public health authority as well as a health oversight agency. Many federal and state laws and regulations affect DPH's relationship with the entities it regulates and oversees. Information is provided with respect to how DPH's status affects its ability to collect information from individuals and facilities as well as their ability or obligation to provide information to DPH.
The DPH Confidentiality Policy and Procedures, which may be found here, are a synthesis of the many applicable privacy and confidentiality provisions, and constitute the standards by which the DPH workforce must comply when collecting, using, or disclosing confidential data.
If you have an inquiry related to HIPAA:
Questions or complaints relating to HIPAA should be directed to the U.S. Dept. of Health and Human Services (HHS), Office of Civil Rights (OCR).
The federal policies for HIPAA can be found on their website:
Health Information Privacy: General information relating to HIPAA
Filing with OCR: Learn more about filing a civil rights or health information privacy complaint.
New England Region - Connecticut, Maine, Massachusetts, New Hampshire, Rhode Island, Vermont
Office for Civil Rights
U.S. Department of Health and Human Services
J.F. Kennedy Federal Building - Room 1875
Boston, MA 02203
Customer Response Center: (800) 368-1019
Fax: (202) 619-3818
TDD: (800) 537-7697