Blue Button puts the information others hold about you in your hands. You decide how to use it. Using Blue Button does not give anyone else access to your health records unless you choose to share it. Healthcare providers, such as doctors and hospitals, are accountable for the privacy and security of patients’ health records by a law called “The Health Insurance Portability and Accountability Act (HIPAA).” Healthcare providers are required by HIPAA to set up physical, administrative and technical safeguards to protect your health records. This may include “access controls” like passwords and PIN numbers to help limit who has access to your information; “encryption” so your health information can’t be read or understood except by someone who is approved to view it; and an “audit trail” so there is a record of who has looked at your information and what changes were made to it and when.

Once you download your health records from your healthcare provider or health insurance company’s web site via Blue Button, it is your responsibility to protect that information.