Roadmap: Patient’s Guide to HIPAA: Introduction and Purpose (FAQ 3 of 65)
HIPAA is the most important federal health privacy law for almost everybody in the United States. Most of this guide explains what you should know about HIPAA.
We also highlight some other federal laws that may be relevant to your health privacy. There are five federal laws beyond HIPAA we think you should know about. Each of these touches on privacy in a slightly different way.
Roadmap: Patient’s Guide to HIPAA: Part 1: Learning About HIPAA (FAQ 4 of 65)
You can’t get very far into health privacy without running across the acronym HIPAA, which stands for the Health Insurance Portability and Accountability Act, a 1996 US federal statute. Although many people associate HIPAA just with health privacy, the Act actually covers many topics unrelated to privacy. The part of the Act relevant to privacy directed the Department of Health and Human Services to write a health privacy rule. The rule originally took effect on April 14, 2003. Some refer to it as the health privacy rule, the HIPAA rule, or just plain HIPAA. Other HIPAA rules also exist, but they don’t relate to health privacy. When we say HIPAA in this document, it means the HIPAA health privacy rule unless we state otherwise.
Roadmap: Patient’s Guide to HIPAA: Part 1: Learning About HIPAA (FAQ 5 of 65)
Interestingly, HIPAA does not use the term patient. Not everyone who is the subject of a health record is a patient. For example, you may be the beneficiary of a health insurance policy. The insurer has information about you, but you are not the insurer’s patient. Even if that information is only your name, address, and plan number, it is protected health information (PHI) under HIPAA. The HIPAA rule addresses this problem by using the term individual, but we find that term a bit jarring. We use the more familiar term patient here because just about everyone is a patient eventually. HIPAA’s individual and our patient are identical. (For more about what we mean by the term protected health information, see FAQ 8.)
Roadmap: Patient’s Guide to HIPAA: Part 1: Learning About HIPAA (FAQ 6 of 65)
Yes, but it is complicated. The basic answer is that if a child has a right to make a health care decision about himself or herself, then the child has the right to control information associated with that decision. Otherwise, a parent or guardian or person acting in loco parentis can exercise privacy rights on behalf of a child.
Roadmap: Patient’s Guide to HIPPA: Part 1: Learning About HIPAA (FAQ 7 of 65)
Not in the way that they did before. Until the rule changed in 2013, a patient’s privacy rights survived death and lasted forever. The 2013 change means that privacy protections remain in place for fifty years after the date of death. However, if a State has a law that provides for additional privacy protection, that law remains in force. Further, the professional responsibilities of health care providers may require that patient records receive longer protection.