The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was enacted in an effort to:
In addition to protecting your privacy, HIPAA may also:
Although it was designed in part to simplify matters, healthcare providers continue to struggle to understand and meet the requirements of the act. This gives you—as a healthcare consumer—all the more reason to understand what HIPAA basically means to your care. That way, you can be confident your information is being handled properly, and take action if it is not.
HIPAA is perhaps most well known for its Privacy Rule. The intent of the Privacy Act is to give people more control over the sharing of their personal medical information, while at the same time making it easier for them to access details about their own health and healthcare.
According to the Privacy Rule, healthcare providers cannot reveal your health information to employers or others who are not entitled to view it. For example, they may not pass on information to companies who are thinking about hiring you or who want to sell you their latest cures or devices. Also, they may not share any information about mental health consultations.
The Privacy Rule protects information in your medical record, conversations your doctor has with nurses or other medical professionals about your care or treatment, information in your insurer's computer system, billing information, and most other health information.
However, there are cases when information can be legally shared. Your health information can be shared for certain reasons, including:
The Privacy Act also gives you greater access to this information. Whereas at one time it was often difficult to view your own medical charts and files, you now have the right to know anything pertaining to your health. Under HIPAA, you are legally entitled to:
You also have the right to file a complaint with your healthcare provider or with the federal Office of Civil Rights if you think your information has been misused. Call the regional Civil Rights office nearest you for more information. You will be asked to provide the specifics of what happened and the reason for your complaint.
HIPAA offers some protections if you have one of the following types of insurance coverage:
While the law is complex and has limitations, here are some protections that HIPAA provides:
The HIPAA mandates apply to just about anybody who deals with your healthcare, including:
US Department of Health & Human Services
The US Department of Labor
Frequently asked questions about portability of health coverage and HIPAA. US Department of Labor website. Available at: http://www.dol.gov/ebsa/faqs/faq_consumer_hipaa.html. Accessed July 18, 2016.
Health information privacy. US Department of Health and Human Services Department website. Available at: http://www.hhs.gov/ocr/privacy. Accessed July 18, 2016.
Statement of HIPAA portability rights. Arizona Health Care Cost Containment System website. Available at: https://www.azahcccs.gov/Members/Downloads/privacy/StatementofHIPAAPortabilityRights.pdf. Accessed July 18, 2016.
Understanding HIPAA privacy. US Department of Health & Human Services website. Available at: http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html. Accessed July 18, 2016.
Your health information privacy rights. US Department of Health and Human Services website. Available at: http://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/understanding/consumers/consumer_rights.pdf. Accessed July 18, 2016.
Last reviewed July 2016 by Michael Woods, MD Last Updated: 8/12/2014