HIPAA

A 1996 United States federal law that establishes national standards for the protection of certain health information. HIPAA's Privacy Rule governs who may access protected health information (PHI), while its Security Rule mandates administrative, physical, and technical safeguards for electronic PHI. Directly relevant to accessibility practice when building or procuring digital health tools — patient portals, telehealth platforms, mental-health chatbots — because accessibility accommodations must not weaken the required safeguards, and vice versa. Does not on its own cover all conversational-AI or chatbot-specific risks.