Patient’s Guide to HIPAA: Index to Frequently Asked Questions (FAQs)





Patient’s Guide to HIPAA Starting Page: How to Use and Quick Start


Quick Start

Navigation tips

Changes in the 2013 edition



Introduction and Background


FAQ 1. What is the World Privacy Forum?

FAQ 2. Where Else Can I Find Help?

FAQ 3. What Federal Laws Are Relevant to Health Privacy?


Privacy Act of 1974

Confidentiality of Alcohol and Drug Abuse Patient Records Regulations

Family Educational Rights and Privacy Act

Americans with Disabilities Act

Genetic Information Nondiscrimination Act (GINA)



Part I:  Learning About HIPAA


FAQ 4. What is HIPAA and Why Should You Care?

FAQ 5. Who is a Patient?

FAQ 6. Do Children Have Privacy Rights?

FAQ 7. Do Privacy Rights Survive Death?

FAQ 8. What’s a Health Record?

FAQ 9. Which Health Care Entities Must Comply With HIPAA?

FAQ 10. What are Fair Information Practices and How Do They Relate to HIPAA?

FAQ 11. Does HIPAA Protect Privacy?

FAQ 12. How to Solve Problems Presented by HIPAA



Part II:  Basic Patient Rights


A. Right to a Notice of Privacy Practices

FAQ 13. What is a HIPAA Notice of Privacy Practices?

FAQ 14. Why Are the Notices Long and Boring?

FAQ 15. Should I Read the Notice?

FAQ 16. What Are the Forms that My Doctor’s Office Asks Me to Sign?

FAQ 17. What Are the Most Important Parts of the Notice?


B. Right to Inspect and Copy Your Record

FAQ 18. Why Both Inspect and Copy?

FAQ 19. Do I Want to See or Copy My Record?

FAQ 20. Which Records Can I Get and in What Formats?

FAQ 21. How Much Will It Cost?

FAQ 22. How Do I Make a Request for Access?

FAQ 23. What Records Should I Ask For?  The Strategy of Asking for Records.

FAQ 24. Can Covered Entities Withhold some Medical Records?


C. Right to Request Confidential Communications

FAQ 25. What is the Right to Receive a Confidential Communication?

FAQ 26. How Do I Exercise the Right to Receive a Confidential Communication?

FAQ 27. Does the Right to Receive a Confidential Communication Apply to Health Plans?

FAQ 28. Are There Any Other Requirements?


D. Right to Request Amendment

FAQ 29. How Do I Make a Request for Amendment?

FAQ 30. Can I Ask that Incorrect Information be Removed From My File?

FAQ 31. What Other Limits Are There on the Right to Seek Amendment?

FAQ 32. Do I Have Greater Amendment Rights under State Laws, other Federal Laws, or Hospital Policies?

FAQ 33. What Happens When a Covered Entity Agrees to Make an Amendment?

FAQ 34. Can I Appeal if a Covered Entity Refuses to Make an Amendment?

FAQ 35. Are There Other Remedies if My Request for Amendment Is Denied?

FAQ 36. Can a Covered Entity Still Disclose The Information that I Disputed?


E. Right to Receive an Accounting of Disclosures

FAQ 37. What’s an Accounting of Disclosures?

FAQ 38. Why Should I Care about Accounting of Disclosures?

FAQ 39. How Do I Make a Request for an Accounting of Disclosures?

FAQ 40. Who Has to Provide Me with an Accounting of Disclosures?

FAQ 41. What does it Cost to Obtain an Accounting of Disclosures?

FAQ 42. What are the Limitations of an Accounting of Disclosures?

FAQ 43. Why Bother Asking for an Accounting if It Has so Many Loopholes?

FAQ 44. Do I have Greater Rights under State Laws, Other Federal Laws, or Hospital Policies?

FAQ 45. What’s the Best Strategy for Making a Request?


 F. Right to Complain to the Secretary of HHS

FAQ 46. Can I File a Federal Complaint about a HIPAA Problem?

FAQ 47. What Information Belongs in a Complaint?

FAQ 48. Will Filing a Complaint Really Help?

FAQ 49. What Should I do if I See a Privacy Violation?

FAQ 50. Should I Worry that a Covered Entity will Retaliate if I File a Complaint?


G. Right to Request Restrictions on Uses and Disclosures

FAQ 51. What is the Right to Request Restrictions on Uses and Disclosures?

FAQ 52. Why is the Right to Request Restrictions Almost Meaningless?

FAQ 53. Is the Right to Limit Disclosures to Relatives and Friends Meaningless Too?



Part III. What You Should Know about Uses and Disclosures


FAQ 54. Does HIPAA Really Restrict Use and Disclosure of My Health Records?

FAQ 55. Is My Consent Needed to Disclose Records for Treatment or Payment?

FAQ 56. Are Disclosures for Treatment, Payment and Health Care Operations Okay?

FAQ 57. Do I Have a Say in Any Disclosures?  (Facility Directories and Caregivers)

FAQ 58. Does HIPAA Allow Uses and Disclosures Without My Approval?

FAQ 59. What Are Uses and Disclosures Required by Law?

FAQ 60. What Are the Allowable Uses and Disclosures?

FAQ 61. What Should I Do if Asked to Sign an Authorization to Disclose my Record?

FAQ 62. Do I Need a Disclosure Authorization to Care For My Elderly Parent?

FAQ 63. What Can I Do if I Foolishly Signed an Authorization?

FAQ 64. Can My Health Records be Used for Marketing?

FAQ 65. What Does the Breach Notice I Received Mean?