This study examines physicians' attitudes toward key Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule requirements and assesses the effects of their implementation. We found that despite physicians' generally negative views toward the Privacy Rule, they rated organizations implementing more rule requirements better at protecting the privacy of patient records than organizations that have not implemented the requirements. The policy implications of the findings are discussed.