If you've ever gushed some intimate or gory details about your health to your physician, you may be worried that you'll be the hot topic of conversation at his dinner table that night or the patient he laughs about with his nurses at the water cooler.
Not to worry—your secrets are legally required to stay with your doc. HIPAA is a federal law enacted in 1996 that "required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge," according to the Centers For Disease Control and Prevention (CDC).
What does HIPAA stand for?
HIPAA stands for the "Health Insurance Portability and Accountability Act of 1996." The U.S. Department of Health and Human Services (HHS) originally created the HIPAA Privacy Rule to ensure sensitive patient information, also referred to as "protected health information," remained safe.
In addition to keeping patient data secure, healthcare providers and health insurance companies are also responsible for contacting patients in the event of a data breach. This allows patients to take proactive steps to monitor their financials for potential identity theft or other threats.
Who enforces HIPAA?
Healthcare providers, health plans, healthcare clearinghouses, and business associates are required to follow HIPAA regulations. If one of these entities breaks a HIPAA rule and legal action is taken against them, it's up to HHS to enforce the law. More specifically, the HHS's Office for Civil Rights (OCR) is responsible for ensuring HIPAA guidelines are followed by all parties.
While the HIPAA Privacy Rule is strictly enforced, there are some exceptions when the rule doesn't apply. For example, healthcare providers may speak to health insurance companies about patients to resolve payment issues. They can also disclose sensitive patient information when it's required by law or if they need to report potential victims of abuse, domestic violence, or neglect.
Why is HIPAA important?
HIPAA holds healthcare providers and administrators responsible for how they handle data and other secure information. Patients feel more secure knowing their information can't legally be shared and their data is protected.
The legislation continues to keep up with changes to the healthcare system and the latest additions address email protocol and other data on other digital platforms. "HIPAA has transformed healthcare and healthcare delivery over the past two decades, evolving itself alongside technology," says Jocelyn Samuels, former director of the OCR.
You can breathe a sigh of relief knowing your medical history, patient data, and embarrassing stories are safe and secure with your medical provider thanks to HIPAA. And to get through this pandemic at your healthiest, don't miss these 35 Places You're Most Likely to Catch COVID.