The HIPPA Privacy Rule creates national standards to protect patients' medical records and personal health information. It gives patients control over their health information and sets limits on how health records can be used and disclosed. The rule establishes safeguards that providers must follow to protect patient privacy and defines protected health information as any identifiable health information. It guarantees patients certain rights regarding their health information and authorizes healthcare providers to access information for treatment, payment, and operations. Violations can result in civil penalties up to $25,000 per person per year or criminal penalties such as fines and imprisonment depending on the type of violation. The document provides tips for safeguarding protected health information.