HIPAA is an abbreviation for the Health Insurance Portability and Accountability Act. This law was enacted in 1996 to improve productivity of the American health care system as well as to protect the rights of individuals. This was the first time the federal government established national standards to protect individuals' medical records and other personal health information.
The Privacy Rule provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that information. At the same time, the Privacy Rule is balanced so that it permits the disclosure of personal health information needed for patient care and other important purposes.
- It enables patients to find out how their information may be used, and about certain disclosures of their information that have been made.
- It generally limits release of information to the minimum number of people reasonably needed for the purpose of the disclosure.
- It generally gives patients the right to examine and obtain a copy of their own health records and request corrections.
- It empowers individuals to control certain uses and disclosures of their health information.
What information is protected? Information your doctors, nurses, and other health care providers put in your medical record
- Conversations your doctor has about your care or treatment with nurses and others
- Information about you in your health insurer's computer system
- Billing information about you at your doctor's office
Who Can Look at and Receive Your Health Information The law sets rules and limits on who can look at and receive your health information. To make sure that your health information is protected in a way that does not interfere with your health care, your information can be used and shared:
- For your treatment and care coordination
- To pay doctors and hospitals for your health care and to help run their businesses
- With your family, relatives, friends, or others you identify who are involved with your health care or your health care bills, unless you object
- To protect the public's health, such as by reporting when the flu is in your area
- To make required reports to the police, such as reporting gunshot wounds
Your health information cannot be used or shared without your written permission unless this law allows it. For example, without your authorization, your provider generally cannot:
- Give your information to your employer
- Use or share your information for marketing or advertising purposes
- Share private notes about your health care
For more detailed information about health privacy, you may want to visit the U.S. Department of Health and Human Services web site, click here