HIPAA (Health Insurance Portability and Accountability Act) is a federal law that sets out rules for sharing personal medical information and protecting it from unauthorized uses. It applies to information collected in hospitals, doctors’ offices, and other places that provide health care as well as to the businesses that help providers manage and store the data. The information may be on paper or in an electronic health record. The law allows people who are directly involved in the care of a patient or payment for services to see this information. Employers, marketers, fundraisers, or other people who want this information for their own reasons cannot have it.
Privacy & Confidentiality
HIPAA is based on two important ideas in patient care: Privacy and Confidentiality. Privacy refers to a person’s right to limit who knows what about one’s medical condition. It also refers to the right to have conversations about medical care in places where others cannot overhear. The detailed regulation that covers HIPAA is called the Privacy Rule. Confidentiality refers to a health care professional’s obligation to keep information from being disclosed without the patient’s consent, unless required by law or considered necessary for clinical reasons.