The federal Health Insurance Portability and Accountability Act (HIPAA) of 1996 has significantly affected clinical practice, particularly with regard to how patient information is shared. HIPAA addresses the security and privacy of patient health data, ensuring that information is released appropriately with patient or guardian consent and knowledge. However, when child abuse or neglect is suspected in a clinical setting, the physician may determine that release of information without consent is necessary to ensure the health and safety of the child. This policy statement provides an overview of HIPAA regulations with regard to the role of the pediatrician in releasing or reviewing patient health information when the patient is a child who is a suspected victim of abuse or neglect. This statement is based on the most current regulations provided by the US Department of Health and Human Services and is subject to future changes and clarifications as updates are provided.