The North Carolina Division of Public Health is fully committed to protecting the privacy of individually identifying health information (IIHI). The federal standards for the Privacy of IIHI require that the NC DHHS Division of Public Health provide for the safeguarding and protection of IIHI that is created, received, and maintained in any form or medium by the Division. Information containing patient IIHI disclosed to the Division of Public Health remains confidential and is not public record. Identifying health information disclosed to the Division of Public Health is used as permitted by federal and state laws and regulations to fulfill the Division’s authorized public health functions.
The Division complies with North Carolina General Statutes and Administrative Rules mandating that all individual health information in its possession is confidential. In addition, the Division ensures compliance with HIPAA privacy requirements by developing and implementing privacy policies that specify the Division’s methods for protecting the privacy of individually identifiable health information. The Division of Public Health continues to comply with North Carolina statutes, which preempt HIPAA when state statutes are more stringent than HIPAA. The Division continues to adhere to all federal and state laws and regulations and program-specific requirements with respect to protecting the privacy of health information while fulfilling its Public Health mission. In addition, and as part of its ongoing compliance, the Division follows NC DHHS department-level HIPAA policies, procedures, and practices, as applicable.