Skip to Main Content

HIPAA: Your Personal Health Information Guardian in the Digital Age

May 12, 2015 Posted in: Personal Health , Article

For almost 20 years, you've been hearing about the Health Insurance Portability and Accountability Act (HIPAA), and you've probably signed your fair share of HIPAA forms at the doctor's office. But what exactly is HIPAA? Why do you need it to protect your personal health information?

Basically, HIPAA protects your medical information and requires anyone who wants access to your health care records to go through steps that show that they are authorized. HIPAA came into existence in 1996. Prior to 1996, there was no national standard for how to protect health information, and health records were kept on paper. These documents were stored in rooms or locked file cabinets in doctors' offices and sent out at the discretion of the office staff. Rules about access to this paper-based personal health information varied at the state and local level.

Protected Health Information: Definition and Access

As the computer age began and the electronic transmission of health records became possible, the U.S. Department of Health and Human Services devised HIPAA to establish a definition of protected health information. Today, protected health information (PHI) includes any information about you that is received by or generated by a health care provider, a school, an employer, a health insurance company, or a life insurance policy. Information from the past, present, and future is covered. It doesn't matter how that information was received, whether spoken, written, faxed, emailed, or part of an electronic medical record. HIPAA states that, if it pertains to you and your health, that information cannot be shared without your permission.

HIPAA also designates who has legal access to your health information. First of all, you do. HIPAA makes it very clear that patients have the right to see their medical records, to make amendments to those records, and to have copies of those records.

Who else has the legal right to access your information? Covered entities do. Covered entities include many of the same groups labeled by HIPAA as responsible for safeguarding your personal health information: health plans, either private or governmental; health care providers such as nurses, doctors, and pharmacies; and health care clearinghouses.

You, the patient, has the right to restrict who sees your health care information, so according to HIPAA, any entity that wants to access your health information needs your consent. Those forms that you sign when you visit your doctor grant permission to the doctor or nurse, to the insurance company, and to the clearinghouses to access your information. Any other person or legal body needs additional authorization.

Privacy Rule

HIPAA also paved the way for the Privacy Rule. According to that rule, all covered entities must protect electronic health information and educate patients about their rights. HIPAA and the Privacy Rule ensures that you are given a clear written statement describing how health care providers and other covered entities are able to use or share your information. HIPAA also gives you a way to report potential violations to your privacy and describes penalties for such violations.

To summarize your rights under the Privacy Rule, you are entitled to:

  • Have privacy protection for your health information.
  • Have restrictions on who has access to your information.
  • Give consent to release your health information.
  • View and receive a copy of your own medical records.
  • Seek recompense if your privacy protections are violated.

HIPAA protects every form of your personal health information, past, present, or future, wherever it goes. As long as it remains in the hands of one of the groups listed above — health care providers and processors — the parties who transmit your health information are responsible for obeying HIPAA, for informing you about your rights, and for protecting your information. In this way, the Health Insurance Portability and Accountability Act has been guarding your personal health information for nearly a generation.

Dignity Health Explains How Gender Can Affect Heart Health

FEB 14, 2022

A Dignity Health cardiologist discusses heart health differences between men and women and what it means for prevention and treatments. Learn more.

Read More Additional information about Dignity Health Explains How Gender Can Affect Heart Health

Birth Plan 101: Why and How to Create a Plan for Childbirth

JAN 25, 2021

When it comes to childbirth, women now have more options than ever before — but that also means more decisions. Making these in advance helps ease the delivery and reduce stress so you have less to worry about while you're in labor. And having a birt...

Read More Additional information about Dignity Health | Birth Plan 101: Why and How to Create a Plan for Childbirth

7 Common Postpartum Conditions New Mothers Should Know About

JAN 25, 2021

Your life will certainly change after you give birth to your first child - there are many enjoyable emotional and lifestyle changes to look forward to. However, there are also a number of physical changes you may experience after your baby is born.

Read More Additional information about Dignity Health | 7 Common Postpartum Conditions New Mothers Should Know About