Home of the Patient’s Guide to HIPAA: How to Use the Law to Guard your Health Privacy




You are reading the Patient’s Guide to HIPAA Start Page

HIPAA Guide Quick Links:




How to Use This Guide

The purpose of this guide is to help patients understand how to make health privacy laws work to protect their privacy. One of the simplest ways to use this guide is to jump to the list of Frequently Asked Questions (FAQ) and browse the list. We’ve made the thick legal language of health privacy as simplified as possible for patients.

The guide focuses mostly on the federal health privacy rule known as HIPAA.  This federal privacy rule establishes a baseline of protection that applies to health care providers and health care insurers throughout the United States. The guide also discusses other federal laws that cover some medical records.

This guide does not offer detailed, technical explanations for every provision and every nuance of HIPAA. Instead, this guide concentrates on those parts of HIPAA that will be most helpful to real people. This guide does not review state law, and you need to know that a stronger state law can provide additional privacy protections. If you work at a covered entity, this guide may have some utility, but it will not tell you everything you need to know to carry out your HIPAA responsibilities. It will, however, offer a good introduction to the things that most patients care about.

You can read this guide cover-to-cover or you can use the index to Frequently Asked Questions (FAQs) to jump to the part of the guide that covers your particular question or problem. In some places, we include a sidebar to offer an illustration, explanation, or comment. From time to time, you will also find a “rule of thumb” offering a simple way to understand complex issues.


HIPAA Guide Quick Links 


The best place to start is to the list of FAQs:



Here are some more good places to start:



Navigation tips

You can navigate through the HIPAA Guide several ways.

  • You can use the HIPAA Guide Index as your starting page. Click on any question you see in the index. This is one of the simplest ways to navigate.
  • You can also click on the category tag “Patient’s Guide to HIPAA” to see all of the FAQs in one place.
  • At the top of each FAQ, you will find a link to the Index of FAQs so you can jump quickly through the guide.


2013 Update to the Guide 

This guide is prepared by Robert Gellman for the World Privacy Forum, with assistance from Pam Dixon, executive director, World Privacy Forum. John Fanning, former privacy advocate, U.S. Department of Health and Human Services, and Dr. Lewis Lorton, health technology and privacy expert contributed to the first edition of the Guide. Robert Gellman and the World Privacy Forum take responsibility for the judgments and accuracy of information in this guide. Nothing in this guide constitutes legal advice.

This version includes the changes that the Department of Health and Human Services adopted early in 2013 and that took effect on September 23, 2013. These changes cover amendments made by the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act) and by the Genetic Information Nondiscrimination Act of 2008 (GINA). Notice the big gap between the dates of these laws and the effective date of the implementing regulation. It takes a long time to convert new laws into working rules.

Publication date: September 20, 2013. 

Publication note: We updated FAQ 52, Pay Out of Pocket, Dec. 12, 2013.