DHA Home About DHA Human Resources Contact Us FOIA Site Map
Infinite Menus, Copyright 2006, OpenCube Inc. All Rights Reserved.

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

The TRICARE Management Activity (TMA) Privacy and Civil Liberties Office (Privacy Office) manages a comprehensive privacy and security program that ensures compliance with the HIPAA Privacy and Security Rules codified at 45 C.F.R. Parts 160 and 164.

The HIPAA Privacy and Security Rules are implemented within the Military Health System (MHS) by DoD 6025.18-R, "Department of Defense Health Information Privacy Regulation," January 24, 2003 and DoD 8580.02-R, "Department of Defense Health Information Security Regulation," July 12, 2007.

As set forth by DoD 6025.18-R, the Privacy Office supports the protection of beneficiary health information and HIPAA Privacy Rule compliance by all MHS business processes, procedures, and systems that solicit, collect, maintain, access, use, disclose, and dispose of protected health information (PHI).

Concurrently, through its HIPAA security program, as set forth by DoD 8580.02-R, the Privacy Office supports the protection of the confidentiality, integrity and availability of electronic PHI against any reasonably anticipated threats or hazards, including implementation of reasonable administrative, physical, and technical safeguards by MHS covered entities under HIPAA.

On August 30, 2012, TMA’s Deputy Director issued the updated TMA HIPAA Privacy and Security Core Tenets Policy Statement. This Policy Statement establishes and details the core tenets of the HIPAA Privacy and Security Rules at TMA for the use, disclosure, and protection of PHI, and confirms the responsibility and authority of the Director, TMA Privacy Office, as the TMA HIPAA Privacy and HIPAA Security Officer. TMA’s HIPAA Privacy and Security Core Tenets Policy Statement is available here.

Please note that the Privacy Office does not provide information on the Transactions, Code Sets and Identifiers requirements of HIPAA’s Administrative Simplification provisions. For these types of inquiries, please contact the TMA HIPAA Electronic Transactions, Code Sets and Identifiers Team at HIPAATSCIMail@tma.osd.mil or refer to their website at http://www.tricare.mil/tma/hipaa.

“On October 1, 2013, the Department of Defense established the Defense Health Agency (DHA) to manage the activities of the Military Health System. These activities include those previously managed by TRICARE Management Activity (TMA), which was disestablished on the same date. During the next several months, all TMA websites will change to reflect the new DHA. We appreciate your patience during this transition."
DoD Seal
7700 Arlington Boulevard, Suite 5101, Falls Church, VA 22042-5101
The appearance of hyperlinks to external Web sites does not constitute endorsement by the TRICARE Management Activity of these Web sites or the information, products or services contained therein. For other than authorized government activities, TRICARE Management Activity does not exercise any editorial control over the information you may find at other locations. Such links are provided consistent with the stated purpose of this DoD Web site. Accessibility/Section 508