HIPAA Basics: Medical Privacy in the Electronic Age

Kaye Beach

July 31, 2011

This is a recently updated HIPAA fact sheet from Privacy Rights Clearinghouse. With the advent of Electronic Health Records and other digital health initiatives, this is an invaluable resource.

1. Introduction

Today you have more reason than ever to care about the privacy of your medical information. Intimate details you revealed in confidence to your doctor were once stored in locked file cabinets and on dusty shelves in the medical records department.

Now, sensitive information about your physical and mental health will almost certainly end up in data files. Your records may be seen by hundreds of strangers who work in health care, the insurance industry, and a host of businesses associated with medical organizations. What’s worse, your private medical information is now a valuable commodity for marketers who want to sell you something.

The Health Insurance Portability and Accountability Act (HIPAA) was passed by Congress in 1996 to set a national standard for electronic transfers of health data. At the same time, Congress saw the need to address growing public concern about privacy and security of personal health data. The task of writing rules on privacy eventually fell to the U.S. Department of Health and Human Services (HHS). After several modifications, DHHS issued the HIPAA Privacy Rule.

The Privacy Rule was effective on April 14, 2003, for most health care providers, health plans, and health care clearinghouses. Small plans had until April 14, 2004 to comply.

If you expect HIPAA to restore your confidence that sensitive medical data is a matter between you and your doctor, you will be disappointed. HIPAA sets the standard for privacy in the electronic age where health industry, government, and public interests often prevail over the patient’s desire for confidentiality.

This guide explains the complex provisions of HIPAA’s Privacy Rule as well as recent measures to strengthen privacy and data security as the country moves closer to a system of electronic health records. It covers HIPAA’s high points and low points regarding your health privacy. For more information on HIPAA and additional rules that are not explained here, go to the References section at the end of this guide.

[Also see our FAQ on medical privacy.]

  1. Introduction
  2. HIPAA Privacy Rule: Benefits and Shortcomings
  3. Who Is Covered by HIPAA? Who Is Not Covered?
  4. Medical Information: What Does HIPAA Cover?
    What Is “Protected Health Information?” What Is “Minimum Necessary?”
  5. Control of Your Medical Information: “Consent” and “Authorization”
  6. More About Your Right to Access Your Medical Records
  7. Your Health Records and Your Employer
  8. Your Health Records and the Government
  9. Your Health Information and Your Credit Report
  10. HIPAA and Your Daily Routine
  11. Complaints and Penalties for Violations
  12. The HIPAA Security Rule
  13. Electronic Health Records (EHRs)
  14. The 2009 Stimulus Law, Electronic Health Records, and Privacy
  15. Health Information Privacy in California
  16. Tips for Safeguarding Your Medical Information
  17. References and Resources
