HIPAA stands for the Health Insurance Portability and Accountability Act of 1996, which gives Americans the right to access their health information.
HIPAA gives people the right to access their own health information, whether printed, online, or in a mobile app. It stipulates that they can choose to share their health information with other individuals or health systems.
It also ensures healthcare organizations protect private health information.
Under HIPAA, you have the right to:
- access your health information
- request corrections if there are inaccuracies in your information
- receive notice from covered entities (like healthcare facilities and insurance companies) on how they may use or share your health information
- decide whether to provide permission for sharing
- limit how covered entities use your health information
- receive notice of how and why your health information was shared
- file complains if your HIPAA rights are violated
- share your health information
Keep reading to learn more about your rights under HIPAA.
Your health information consists of any information in your health record. Physicians’ offices usually store this information digitally, allowing you to access it online or through a mobile app.
Your health record can include written, spoken, or digital data, such as:
- your health history, including current and past diagnoses
- your medical test results, including past and current records of your blood work, blood pressure, height, weight, and any other medical tests you’ve had
- your immunization history
- any medications you take
- any prior surgeries or procedures you have had
Accessing your health records allows you to:
- make informed decisions based on your health
- review the health information that has been collected about you
- request updates or changes to your health information
Under HIPAA, you have the right to control the sharing of your health record. For instance, you can:
- get additional options from other healthcare professionals based on your health information
- share your health information with a new doctor, if you decide to switch doctors, or with a specialist
- share your health information with a trusted individual, such as a family member
- decide whether or not to provide permission for your information to be shared
Your health record contains protected personal information.
HIPAA affects three types of covered entities:
- health plans, or insurance companies
- healthcare clearinghouses, which are intermediaries that process payment and payment requests
- healthcare providers, which include doctors, nurses, pharmacists, and anyone else at a healthcare facility who is required to view your health information
HIPAA mandates that these covered entities to which you have granted access to your health record protect the information. For instance,
- They cannot share or sell your health information without your consent.
- They must take steps to secure the information in their digital systems to protect it from unlawful access.
- They must limit the use of your private health information on a “need to know” basis.
This includes all health information with personal identifying information that may link it back to you, such as your:
- name
- Social Security number
- telephone number
- email address
- street address
If covered entities violate HIPAA, they will be subject to investigation, which may result in fines, persecution, and in some cases, imprisonment.
However, there are some special emergency circumstances in which a healthcare professional can breach confidentiality, such as if you sustain injuries during a violent attack that requires communication with law enforcement, or if you have an infectious, communicable, or reportable disease that requires communication with public health officials.
HIPAA ensures that you can access your data and share it with trusted individuals.
It also ensures that insurance companies, healthcare facilities, and any intermediaries between them protect your data from unlawful access.