HIPAA for Consumers

Protecting the Privacy and Security of Your Health Information

iconThe privacy and security of patient health information is a top priority for patients and their families, health care providers and professionals, and the government. Federal laws require many of the key persons and organizations that handle health information to have policies and security safeguards in place to protect your health information — whether it is stored on paper or electronically.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy, Security, and Breach Notification Rules are the main Federal laws that protect your health information. The Privacy Rule gives you rights with respect to your health information. The Privacy Rule also sets limits on how your health information can be used and shared with others. The Security Rule sets rules for how your health information must be kept secure with administrative, technical, and physical safeguards.

You may have additional protections and health information rights under your State's laws. There are also Federal laws that protect specific types of health information, such as information related to Federally funded alcohol and substance abuse treatment.

Your Health Information Rights

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule provides you with health information privacy rights. These rights are important for you to know. You can exercise these rights, ask questions about them, and file a complaint if you think your rights are being denied or your health information isn't being protected.

Accessing Your Health Information

You have the right to receive copies of your health information from your doctor and from other providers, such as physical therapists and social workers. If your health care provider keeps your records electronically, you have a right to receive them in either electronic or paper form.

Your Privacy Rights

If you believe your health information privacy has been violated, the U.S. Department of Health and Human Services has a division, the Office for Civil Rights, to educate you about your privacy rights, enforce the rules, and help you file a complaint.

Your Health Information Security

Health care providers and other key persons and organizations that handle your health information must protect it with passwords, encryption, and other technical safeguards. These are designed to make sure that only the right people have access to your information.

Content last reviewed on September 20, 2017
Was this page helpful?