GEHA will perform system maintenance today (February 23), starting at 7 p.m. Central time and ending at about 9 p.m. Central time. Portions of this website might not be available during this time. We apologize for any inconvenience.

Privacy & Security

HIPAA is the federal Health Insurance Portability and Accountability Act passed in 1996. It requires health plans to protect the confidentiality of personal medical records and limit the personal health information released to others. GEHA has evaluated policies and procedures across the company and has taken steps to enhance privacy and security procedures already in place.

A Notice of Privacy Practices outlines how GEHA will maintain your privacy under HIPAA regulations, including GEHA's duties, how your protected health information may be used or disclosed, and your rights in regard to your health information. It is important that you carefully read the notice to fully understand how GEHA protects your privacy.

For a complete list of the HIPAA privacy notices and forms that you can download, complete online or have sent to you by regular mail, click Privacy & Security/HIPAA Materials.

For a PDF version of a Department of Health and Human Services' patient guide to the HIPAA Privacy Rule, which offers guidance regarding when health care providers may communicate about you with your family, friends or others involved in your care, click Patient's Guide to the HIPAA Privacy Rule.

For HIPAA materials for GEHA’s health plan, visit