Protecting
the Privacy of Patients' Health Information
The first-ever federal privacy standards to protect patients'
medical records and other health information provided to health
plans, doctors, hospitals and other health care providers
took effect on April 14, 2003. Developed by the Department
of Health and Human Services (HHS), these new standards
provide patients with access to their medical records and
more control over how their personal health information is
used and disclosed. They represent a uniform, federal floor
of privacy protections for consumers across the country. State
laws providing additional protections to consumers are not
affected by this new rule.
Congress
called on HHS to issue patient privacy protections as part
of the Health
Insurance Portability and Accountability Act of 1996 (HIPAA).
HIPAA included provisions designed to encourage electronic
transactions and also required new safeguards to protect the
security and confidentiality of health information. The final
regulation covers health plans, health care clearinghouses,
and those health care providers who conduct certain financial
and administrative transactions (e.g., enrollment, billing
and eligibility verification) electronically. Most health
insurers, pharmacies, doctors and other health care providers
were required to comply with these federal standards beginning
April 14, 2003. As provided by Congress, certain
small health plans have an additional year to comply. HHS
has conducted extensive outreach and provided guidance and
technical assistant to these providers and businesses to make
it as easy as possible for them to implement the new privacy
protections. These efforts include answers to hundreds of
common questions about the rule, as well as explanations and
descriptions about key elements of the rule.
These materials are available at: http://www.hhs.gov/ocr/hipaa. |
NEWS ALERTS
