When it comes to our health, we are often at are most vulnerable. We place our lives in the hands of doctors, nurses and other health-care workers. Our privacy, too, can be extremely vulnerable when it comes to health care. That’s why the federal government created the Health Insurance Portability and Accountability Act, or HIPAA.
What is HIPAA?
HIPAA is a federal law that dictates how those in the health-care field protect your sensitive medical information. Passed in 1996 and bolstered in 2003, the U.S. Department of Health and Human Services (HHS) oversees HIPAA. The creation of the law was in reaction to the ever-increasing use of electronics in handling patients’ medical data.
HIPAA has two main parts. Title I: Health Care Access, Portability, and Renewability and Title II: Preventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform.
Title I regulates health insurers, including limiting impositions placed on pre-existing conditions. It also determines certain aspects of coverage for individual and group plans.
Title II is the component of HIPAA that addresses health-care privacy. Title II does the following:
- Gives patients greater access to and control over their health records
- Stipulates medical records' use and release
- Establishes privacy safeguards
- Holds violators of HIPAA rules accountable with civil and criminal penalties
- Allows patient control over health-information use
What information does HIPAA protect?
Most health plans, most health-care workers, pharmacists and health-care clearinghouses must follow HIPAA. It protects the privacy of a wide array of medical information, including:
- Information in your medical chart
- Conversations your doctors have about your care and treatment with other staff
- Health data your insurer collects
- Billing information
- Most other information about your health
Filing a complaint
While most health-care providers are compliant with HIPAA and take the law seriously, if you believe there was a breach of your privacy rights under HIPAA, you may file a complaint with HHS. The complaint must contain the name of the person or business that you think violated HIPAA and describe the act. HIPAA complaints must be filed within 180 days of when you found out about the HIPAA breach.
While it is not possible to file a lawsuit over a HIPAA violation, other state laws may have been broken in the process of violating HIPAA. If you experience a HIPAA violation, you may want to consider speaking with a lawyer who can best guide you through your options.