According to the U.S. Department of Health & Human Services, any health care provider who is considered a "covered entity" must comply with HIPAA rules in terms of keeping health information private and secure. A provider is considered a covered entity if she conducts any transactions in electronic form; this can include practitioners of alternative or complementary therapies.
According to Massagetherapy.com, whether a provider must comply with HIPAA can be difficult to discern. For instance, a massage therapist, who is providing an alternative therapy, does not need to comply unless the treatment is being billed by an insurance company or she is working with other organizations that need to comply.
Since the purpose of HIPAA is to protect patient privacy, it may be in the best interest of any type of therapist to comply. The U.S. Department of Health & Human Services provides help on its website, including a survey that can assist providers in determining if they need to comply.
The Health Insurance Portability and Accountability Act of 1996, or HIPAA, is a federal law that protects patient privacy. Most health care providers must comply with HIPAA, regardless of whether they are providing traditional or alternative therapies.