Ensuring Privacy And Security Of Your Medical Records
In 1996, Congress passed the Health Insurance Portability and Accountability Act (HIPAA), which offers protection for personal health information, including medical records. HIPAA requirements rules establish a series of privacy and security standards for health care providers and the penalties for those who do not follow these standards.
HIPAA & Laws on Medical Records
HIPAA establishes three primary issues in regards to your medical records:
- The privacy rule protects the privacy of individually identifiable health information.
- The security rule sets national standards for the security of protected health information.
- The patient safety rule protect identifiable information being used to analyze patient safety events and improve patient safety.
Medical information that can personally identify you can not be disclosed without your consent, but with some exceptions. Those providing you with medical care can always disclose your information to other parties if they believe it is required for proper medical care. Those paying for your health care or health insurance, like your employer or your insurance company, can view parts of your medical record that are relevant to making payment decisions.
Depending on your state’s law you may have a right to sue if an invasion of privacy or a breach of doctor patient confidentiality occurred.
Notes on Privacy of Medical Records
- If you are looking to switch health insurance providers, your new provider can not access your medical records to determine your coverage or rate.
- Your health information may be used for research, but your name cannot be released.
- Your prescription drug information can be given to pharmaceutical companies anonymously.
- Debt collectors can access information regarding unpaid medical bills, but not specific treatment information.
- You and those you authorize, can be provided with a copy of your records when you perform a record request
If you think that your medical records privacy rights have been violated, you can file a complaint with the Department of Health and Human Services.
Privacy Concerns about your Medical Records
Medical providers and medical plans have access to and hold onto your medical records. They may transfer your records to other plans or providers if requested with your consent. Employers who provide medical plans or be medical providers can only access your medical records as far as concerns over payment. You may request a copy of your medical records from your employer or provider. Note that they cannot charge for the obtaining of your records though may charge for the process of delivering the records (such as copying, database use, etc.)
The HIPAA regulates that only you and a personal representative of your choice may obtain and view your medical records. Personal representatives include attorneys who can make medical decisions for you as a legal representative and parents/guardians of children. The only exception to forbidding a personal representative from viewing your records is in the event that a personal plan or provider reasonably believes that doing so may endanger the patient in situations of domestic abuse, violence and neglect.
Electronic Medical Records
Electronic medical records are used much more frequently nowadays with the widespread use of internet technology. Security measures for your medical records are provided by HIPAA so far as medical providers and plans are concerned. While most providers provide plenty of adequate security measures for electronic records, breaches can and do happen from time to time. HIPAA gives you the right to access your medical records for you to safely keep.
Security Concerns about your Medical Records
Maintaining the security of your medical records is vital in maintaining both your privacy and health in tact. While the HIPAA seeks to establish rules and regulations for privacy and security, it does not guarantee either. It does provide limited privacy protections for covered entities like health care providers, health plans and health-care clearinghouses which transmit information electronically.
While HIPAA seeks to provide some relief for your medical records, it does not provide any protection of financial records, education records or employment records. This is important to mention as these documents are very closely tied with medical records and may provide backdoor access to parts of or the entirety of your medical records. As such, the security of medical records is minimal at best, but you may seek to maintain the privacy of these other records in order to protect your valuable medical information.