- (1) An employee of a covered program may be disciplined for failure to comply with the HIPAA Privacy Rule requirements found in 45 CFR 164, Subpart E. Discipline may include termination and civil or criminal prosecution.
- (2) An employee of a covered program may not intimidate, threaten, coerce, discriminate against, or take other retaliatory action against any person for exercising any right established by the HIPAA Privacy Rule or for opposing in good faith any act or practice made unlawful by the HIPAA Privacy Rule.
KEY: HIPAA, privacy
Date of Last Change: June 19, 2025
Notice of Continuation: April 10, 2023
Authorizing, and Implemented or Interpreted Law: 26B-1-213