Skip to Content

Security of Health Information in Florida

Any person conducts business in Florida who maintains an electronic data system that includes personal information must provide notice of any breach of the security of the system to any Florida resident whose unencrypted personal information was acquired by an unauthorized person.1

Community mental health providers, excluding alcohol and drug abuse services, 2 and mental health residential treatment facilities3 must store client records in a locked room or container and ensure that the information in client records is safeguarded against loss, defacement, tampering or use by unauthorized persons.



  • 1. Florida Statutes § 817.5681
  • 2. Florida Administrative Code § 65E-4.014
  • 3. Florida Administrative Code § 65E-4.016


Security of Health Information in Florida

Subtopic Statute/Regulation Description
Security of Health Information Florida Administrative Code § 65E-4.014 “Standards for client records; treatment and quality assurance under the Department of Children and Family Services regulations” ...
Florida Administrative Code § 65E-4.016 “Mental health residential treatment facilities under the Department of Department of Children and Family Services regulations” Mental...
Florida Statutes § 408.062 “Research, analyses, studies, and reports under the public health law” The Department of Health must: Research and analyze: The...
Florida Statutes § 817.5681 “Breach of security concerning confidential personal information in third-party possession; administrative penalties under the crimes law...