Covered entities (certain health care providers, health plans, and health care clearinghouses) are not
required to comply with the HIPAA Privacy Rule until the compliance date. Covered entities may, of
course, decide to:

A.
unvoluntarily protect patient health information before this date

B.
voluntarily protect patient health information before this date

C.
after taking permission, voluntarily protect patient health information before this date

D.
compulsorily protect patient health information before this date