# Privacy Act; Implementation
> **US Department of Health and Human Services** · Final rule. · Published 2000-06-01 · Effective 2000-06-01 · 65 FR 34986
## Document
- **Document number:** 00-13602
- **Category:** hipaa-privacy
- **Sub-agency:** US Department of Health and Human Services
- **Federal Register citation:** 65 FR 34986
- **CFR reference:** 45 CFR 5
- **Publication date:** 2000-06-01
- **Effective date:** 2000-06-01
## Abstract

This final rule exempts the new system of records, the Healthcare Integrity and Protection Data Bank (HIPDB), from certain provisions of the Privacy Act (5 U.S.C. 552a). The establishment of the HIPDB is required by section 1128E of the Social Security Act (the Act), as added by section 221(a) of the Health Insurance Portability and Accountability Act (HIPAA) of 1996. Section 1128E of the Act directed the Secretary to establish a national health care fraud and abuse data collection program for the reporting and disclosing of certain final adverse actions taken against health care providers, suppliers or practitioners, and to maintain a data base of final adverse actions taken against health care providers, suppliers and practitioners. Regulations implementing the new HIPDB were published in the Federal Register on October 26, 1999 (64 FR 57740). The exemption being set forth in this rule applies to investigative materials compiled for law enforcement purposes.

## Source
- [Federal Register document](https://www.federalregister.gov/documents/2000/06/01/00-13602/privacy-act-implementation)
---
*AI Analytics · CC0 1.0*