Patient’s Guide to HIPAA Part I: Learning About HIPAA

Patient’s Guide to HIPAA Part I: Learning About HIPAA (FAQ 4 – 12)

FAQ 4: What is HIPAA and Why Should You Care?
FAQ 5: Who is a Patient?
FAQ 6: Do Children Have Privacy Rights?
FAQ 7: Do Privacy Rights Survive Death?
FAQ 8: What’s a Health Record?
FAQ 9: Which Health Care Entities Must Comply With HIPAA?
FAQ 10: What are Fair Information Practices and How Do They Relate to HIPAA?
FAQ 11: Does HIPAA Protect Privacy?
FAQ 12: How to Solve Problems Presented by HIPAA

Patient’s Guide to HIPAA – Learning About HIPAA: What is HIPAA and Why Should You Care?

Roadmap: Patient’s Guide to HIPAA: Part 1: Learning About HIPAA (FAQ 4 of 65)

You can’t get very far into health privacy without running across the acronym HIPAA, which stands for the Health Insurance Portability and Accountability Act, a 1996 US federal statute. Although many people associate HIPAA just with health privacy, the Act actually covers many topics unrelated to privacy. The part of the Act relevant to privacy directed the Department of Health and Human Services to write a health privacy rule. The rule originally took effect on April 14, 2003. Some refer to it as the health privacy rule, the HIPAA rule, or just plain HIPAA. Other HIPAA rules also exist, but they don’t relate to health privacy. When we say HIPAA in this document, it means the HIPAA health privacy rule unless we state otherwise.

Patient’s Guide to HIPAA – Learning About HIPAA: Who is a Patient?

Roadmap: Patient’s Guide to HIPAA: Part 1: Learning About HIPAA (FAQ 5 of 65)

Interestingly, HIPAA does not use the term patient. Not everyone who is the subject of a health record is a patient. For example, you may be the beneficiary of a health insurance policy. The insurer has information about you, but you are not the insurer’s patient. Even if that information is only your name, address, and plan number, it is protected health information (PHI) under HIPAA. The HIPAA rule addresses this problem by using the term individual, but we find that term a bit jarring. We use the more familiar term patient here because just about everyone is a patient eventually. HIPAA’s individual and our patient are identical. (For more about what we mean by the term protected health information, see FAQ 8.)

Patient’s Guide to HIPAA – Learning About HIPAA: Do Children Have Privacy Rights?

Roadmap: Patient’s Guide to HIPAA: Part 1: Learning About HIPAA (FAQ 6 of 65)

Yes, but it is complicated. The basic answer is that if a child has a right to make a health care decision about himself or herself, then the child has the right to control information associated with that decision. Otherwise, a parent or guardian or person acting in loco parentis can exercise privacy rights on behalf of a child.

Patient’s Guide to HIPPA – Learning About HIPAA: Do Privacy Rights Survive Death?

Roadmap: Patient’s Guide to HIPPA: Part 1: Learning About HIPAA (FAQ 7 of 65)

Not in the way that they did before. Until the rule changed in 2013, a patient’s privacy rights survived death and lasted forever. The 2013 change means that privacy protections remain in place for fifty years after the date of death. However, if a State has a law that provides for additional privacy protection, that law remains in force. Further, the professional responsibilities of health care providers may require that patient records receive longer protection.