DHMH is a hybrid entity. That means that DHMH has both covered and non-covered functions. Our Providers and Health Plans fall under the rules of HIPAA. These covered entities can include, but are not limited to:
Any covered entity must follow all the requirements of HIPAA. Every covered entity also has its own HIPAA officer responsible for ensuring that patients’ privacy is maintained. If you suspect that a DHMH covered entity is responsible for a privacy violation, please contact the DHMH Privacy Officer.