Get trained on regulations affecting your industry through online webinars, learn the best practices, and download quality standards, checklists and news articles. Listen to experts on best practices to streamline quality and compliance processes and meet the regulatory demands.
Most Frequently Asked Questions about HIPAA
1. What does the HIPAA Privacy Rule do?
The HIPAA Privacy Rule for the first time creates national standards to protect individuals’ medical records and other personal health information.
For patients – it means being able to make informed choices when seeking care and reimbursement for care based on how personal health information may be used.
2. Can telemarketers obtain my health information and use it to call me to sell goods and services?
Under the HIPAA Privacy Rule, a covered entity can share protected health information with a telemarketer only if the covered entity has either obtained the individual’s prior written authorization to do so, or has entered into a business associate relationship with the telemarketer for the purpose of making a communication that is not marketing, such as to inform individuals about the covered entity’s own goods or services.
If the telemarketer is a business associate under the Privacy Rule, it must agree by contract to use the information only for communicating on behalf of the covered entity, and not to market its own goods or services (or those of another third party).
3. How does the HIPAA Privacy Rule affect my rights under the Federal Privacy Act?
The Privacy Act of 1974 (U.S. Department of Justice) protects personal information about individuals held by the Federal government. Covered entities that are Federal agencies or Federal contractors that maintain records that are covered by the Privacy Act not only must obey the Privacy Rule’s requirements, but also must comply with the Privacy Act.
4. If I believe that my privacy rights have been violated, when can I submit a complaint?
By law, health care providers (including doctors and hospitals) who engage in certain electronic transactions, health plans, and health care clearinghouses, (collectively, “covered entities”) had until April 14, 2003, to comply with the HIPAA Privacy Rule. (Small health plans had until April 14, 2004, to comply). OCR provides further information on its web site about how to file a complaint.
6. If I am unconscious or not around, can my health care provider still share or discuss my health information with my family, friends, or others involved in my care or payment for my care?
Yes. If you are not around or cannot give permission, your health care provider may share or discuss your health information with family, friends, or others involved in your care or payment for your care if he or she believes, in his or her professional judgment that it is in your best interest. When someone other than a friend or family member is asking about you, your health care provider must be reasonably sure that you asked the person to be involved in your care or payment for your care. Your health care provider may share your information face to face, over the phone, or in writing, but may only share the information that the family member, friend, or other person needs to know about your care or payment for your care.
Here are some examples: