The Department of Health and Human Services (HHS) has released a fact sheet on the privacy, security, and breach notification rules of the Health Insurance Portability and Accountability Act (HIPAA). Designed to apply to HIPAA-covered entities, including health care organizations, health care plans, providers, and their business associates, the fact sheet provides a basic overview of the HIPAA rules, the information protected by the rules, and a summary of who is required to comply with the rules. Among other things, the fact sheet includes a table of the breach notification timelines, a chart regarding the different types of covered entities, and a topic index with links to additional resources.