The Health Insurance Portability and Accountability Act (HIPAA) is a Federal law which governs the privacy and security of patient information.

Privacy deals with protected health information (PHI) - how we use it and disclose it, and patient rights. 
PHI is "individually identifiable health information" in any form:

Security outlines safeguards for electronic patient information or ePHI.  ePHI may be contained in: