General Public

The Health Insurance Portability and Accountability Act (HIPAA) is a set of federal legislative standards for Privacy, Security and Breach Notification that govern the use and disclosure of an individual’s protected health information, on paper and electronically. The HIPAA covered entities are health plans, health-care clearinghouses, healthcare providers (such as doctors, psychologists and hospitals) and service providers to the covered entities (such as pharmacists).

According to HHS, the HIPAA Privacy Rule does the following:

  • Gives patients more control over their health information
  • Sets boundaries on the use and release of health records
  • Enables patients to find out how their information may be used, and about certain disclosures of their information that have been made
  • Generally, limits the release of the information to the minimum reasonably needed
  • Generally, gives the patients the right to examine and obtain a copy of their own health records and request corrections
  • Empowers individuals to control certain uses and disclosures of their health information
  • Establishes appropriate safeguards that health care providers and others must achieve to protect the privacy of health information
  • Holds violators accountable, with civil and criminal penalties that can be imposed if they violate patients’ privacy rights
  • Strikes a balance when public responsibility supports disclosure of some forms of data – for example, to protect public health

You can learn more about the current rules and protections of your health information, your rights regarding your health data, government enforcement activities and how to file a complaint here:

  1. Learn more about your health information and HIPAA access rights in this video.
    Access the HHS website here.
  2. Detailed guidance on HIPAA Privacy Rule and Public Health can be found here.
  3. HIPAA and Minors infographic.
  4. High Cost of HIPAA violations infographic.
  5. HIPAA Civil and Criminal Penalties.
  6. Medical Privacy of Protected Health Information Fact Sheet for healthcare professionals.
  7. Confidentiality Coalition Presentation HIPAA General Overview
  8. Confidentiality Coalition Presentation HIPAA and HITECH
  9. Confidentiality Coalition Presentation HIPAA and Medical Research
  10. HIPAA and Mental Health
  11. Demystifying the Federal Advisory Committee Process and Recommendations
  12. Federal Privacy Act of 1974
  13. Bureau of Consumer Protection Business Center – Health Privacy
  14. FTC Identity Theft Site

Recent advances in digital technology and medical informatics continuously expand the possibilities of improved access to care for all Americans through the development of areas such as, but not limited to, personalized medicine and telemedicine. As a result, policymakers face additional challenges in maintaining the protection of data privacy while enabling the efficient exchange of data. This expansion will require effective and timely modernization of health policy regulations to match the demands of the 21st-century digital healthcare landscape.

  1. 21st Century Cures Act
  2. Mandate 42 CFR Part 2 INFOGRAPHIC
    Congress Considers Medical Privacy Overhaul to Combat the Opioid Epidemic
  3. Partnership to Amend 42 CFR Part 2
  4. 42 CFR Part 2 Confidentiality of Substance Use Disorder Patient Records
  5. OCR New Guidance on HIPAA and Individual Authorization
  6. National Quality Forum Issue Brief
    Privacy: From Barrier to Enabler of Health Information Technology (HIT)
  7. Office of the National Coordinator for HIT
    Data Segmentation In Electronic Health Information Exchange — Complete Whitepaper
  8. Office of the National Coordinator for HIT
    Consumer Consent Options for Electronic Health Information Exchange: Policy Considerations and Analysis