Privacy and Health Information
You have privacy rights under a federal law that protect your health information. This law sets rules and limits on who can look at and receive your health information. These rights are important for you to know.
Who must follow this law?
- most doctors, nurses, pharmacies, hospitals, nursing homes and other health care providers and their vendors
- health insurance companies, HMOs and most employer group health plans
- certain government programs that pay for health care, such as Medicare and Medicaid
What information is protected?
- information your doctors, nurses and other health care providers put in your medical records
- conversations your doctor has with nurses and others regarding your care or treatment
- information about you in your health insurer’s computer system
- billing information about you at your clinic
- most other health information about you held by those who must follow this law
What rights do you have over your health information?
Providers and health insurers must comply with your right to:
- ask to see and get a copy of your health records
- have corrections added to your health information
- receive a notice that tells you how your health information may be used and shared
- decide if you want to give your permission
before your health information can be used or shared for certain purposes, such as for marketing
- get a report on when and why your health information was shared for certain purposes
- request that those who follow this law restrict how they use or share your health information
- file a complaint
What are the rules and limits on who can see and receive your health information?
To make sure that your health information is protected in a way that doesn’t interfere with your health care, your information can be used and shared:
- for your treatment and care coordination
- to pay doctors and hospitals for your health care and help run their businesses
- with your family, relatives, friends or others you identify who are involved with your health care or your health care bills, unless you object
- to make sure doctors give good care and nursing homes are clean and safe
- to protect the public’s health, such as by reporting when the flu is in your area
- to make required reports to the police, such as reporting gunshot wounds
Without your written permission, your provider cannot:
- give your health information to your employer
- use or share your health information for marketing or advertising purposes
- share private notes about mental health counseling sessions
Source: U.S. Department of Health & Human
Services Office for Civil Rights