As practices and health care organizations become increasingly digitized, physicians must be aware of HIPAA’s Administrative Simplification provisions—and particularly the Privacy, Security and Breach Notification requirements—that protect the confidentiality of their patients’ medical information. Physicians need to understand these rules and participate in a formal compliance plan designed to ensure all the requirements are met, including state requirements that go above and beyond federal mandates.