This document discusses security safeguards and breach notification rules for electronic health information exchange under HIPAA regulations. It outlines requirements for the HIPAA Security Rule including risk analysis, assigned security responsibilities, and workforce security. It also describes what constitutes a breach of protected health information, notification requirements for individuals and health authorities in the event of a breach, and enforcement by the Federal Trade Commission.