HIPAA and the Privacy of your Medical Information

What are my Rights under HIPAA?

When we go to a new doctor, and even periodically at our established doctors' offices, we have to sign forms informing us of the office's privacy practices under HIPAA. If you are like most of us, it's one more boring piece of paper to look at and sign before you can get to what you really came for: seeing the doctor.  Maybe you read all of it, but I wouldn't bet that many of us do!  Maybe you go so far as to think, "Oh good, they are doing something to protect my privacy."  Well, they are, but it's important for you to know what the policies are.

*** This sharepost is legal education, not legal advice. No attorney-client relationship is created. ***

What's HIPAA For?

Most of us think of HIPAA as the law that protects the privacy of our medical records, since that's how most of us come in contact with the statute.  HIPAA does do that, but that's not what it was originally designed for.  HIPAA stands for the Health Insurance Portability and Accountability Act, and its main purpose was to increase consumer access to health care, and make it easier for us to maintain health insurance coverage despite job changes or other situations that could have resulted in lapses in coverage.  HIPAA provisions provide protections for coverage under group health plans; limit exclusions for preexisting conditions; and prohibit discrimination against employees and dependents based on their health status. HIPAA may also give you a right to purchase individual coverage if you have no group health plan coverage available, and have exhausted your COBRA or other continuation coverage.  Visit the Department of Health and Human Services web site for more information regarding these HIPAA portability of coverage provisions.

The Privacy Rule

As Congress dealt with creating a law that made it possible for consumers to move from employer to employer or insurer to insurer without a lapse in coverage, the need for a unified way to deal with protected medical information became clear.  Your medical records have always been private and protected information, falling under doctor-patient confidentiality rules which exist in the common law going back for centuries.  What was missing was a clear, unified standard for how to deal with them.  The HIPAA Privacy Rule, which is the part of HIPAA that generates all those forms, and which we all encounter, was authorized by the Administrative Simplification subtitle of HIPAA.  Something so important as a national standard for privacy of medical information came to us by way of an attempt to reduce bureaucracy!

So what are your rights under the HIPAA Privacy Rule?  The Rule covers all individually identifiable health information, and protects how that information can be shared.  The Rule also makes clear that your medical records belong to you, and you have a right to copies of them.  Teri Robert wrote a great sharepost about obtaining your records under HIPAA.  Your Rights to Your Medical Records.