PART 160 — GENERAL ADMINISTRATIVE REQUIREMENTS
Subpart A — General Provisions
§ 160.101 Statutory basis and purpose
§ 160.102 Applicability
§ 160.103 Definitions
Act Administrative Simplification Provision ALJ ANSI Business associate Civil Money Penalty CMS Compliance date Covered entity Disclosure EIN Electronic media Electronic protected health information Employer Family Member Genetic Information Genetic Services Genetic Test Group health plan HHS Health care Health care clearinghouse Health care provider Health information Health insurance issuer Health maintenance organization (HMO) Health plan Implementation specification Individual Individually identifiable health information Manifestation or Manifested Modify or modification Organized health care arrangement Person Protected health information Respondent Secretary Small health plan Standard Standard setting organization (SSO) State Subcontractor Trading partner agreement Transaction Use Violation or Violate Workforce
§ 160.104 Modifications
§ 160.105 Compliance dates for implementation of new or modified standards and implementation specifications
Subpart B — Preemption of State Law
§ 160.201 Statutory basis
§ 160.202 Definitions
Contrary More Stringent Relates to the Privacy of Individually Identifiable Health Information State Law
§ 160.203 General rule and exceptions
§ 160.204 Process for requesting exception determinations
§ 160.205 Duration of effectiveness of exception determinations
Subpart C — Compliance and Enforcement
§ 160.300 Applicability
§ 160.302 [Removed and Reserved]
§ 160.304 Principles for achieving compliance
(a) Cooperation
(b) Assistance
§ 160.306 Complaints to the Secretary
(a) Right to file a complaint
(b) Requirements for filing complaints
(c) Investigation
§ 160.308 Compliance reviews
§ 160.310 Responsibilities of covered entities
(a) Provide records and compliance reports
(b) Cooperate with complaint investigations and compliance reviews
(c) Permit access to information
§ 160.312 Secretarial action regarding complaints and compliance reviews
(a) Resolution where noncompliance is indicated
(b) Resolution when no violation is found
§ 160.314 Investigational subpoenas and inquiries
§ 160.316 Refraining from intimidation or retaliation
Subpart D - Imposition of Civil Money Penalties
§ 160.400 Applicability
§ 160.401 Definitions
Reasonable Cause Reasonable Diligence Willful Neglect
§ 160.402 Basis for a civil money penalty
(a) General rule
(b) Violation by more than one covered entity
(c) Violation attributed to a covered entity
§ 160.404 Amount of a civil money penalty
§ 160.406 Violations of an identical requirement or prohibition
§ 160.408 Factors considered in determining the amount of a civil money penalty
§ 160.410 Affirmative defenses
Reasonable cause Reasonable diligence Willful neglect
§ 160.412 Waiver
§ 160.414 Limitations
§ 160.416 Authority to settle
§ 160.418 Penalty not exclusive
§ 160.420 Notice of proposed determination
§ 160.422 Failure to request a hearing
§ 160.424 Collection of penalty
§ 160.426 Notification of the public and other agencies
Subpart E — Procedures for Hearings
§ 160.500 Applicability
§ 160.502 Definitions
§ 160.504 Hearing before an ALJ
§ 160.506 Rights of the parties
§ 160.508 Authority of the ALJ
§ 160.510 Ex parte contacts
§ 160.512 Prehearing conferences
§ 160.514 Authority to settle
§ 160.516 Discovery
§ 160.518 Exchange of witness lists, witness statements, and exhibits
§ 160.520 Subpoenas for attendance at hearing
§ 160.522 Fees
§ 160.524 Form, filing, and service of papers
(a) Forms
(b) Service
(c) Proof of service
§ 160.526 Computation of time
§ 160.528 Motions
§ 160.530 Sanctions
§ 160.532 Collateral estoppel
§ 160.534 The hearing
§ 160.536 Statistical sampling
§ 160.538 Witnesses
§ 160.540 Evidence
§ 160.542 The record
§ 160.544 Post hearing briefs
§ 160.546 ALJ's decision
§ 160.548 Appeal of the ALJ's decision
§ 160.550 Stay of the Secretary's decision
§ 160.552 Harmless error
Make sure you are Omnibus Rule Compliant: HIPAA Privacy Checklist.