HIPAA Privacy and Access to Medical Records Resource Center
Privacy and confidentiality of medical records is something that is protected by both state law and federal law; however, since the passage in 1996 of the Health Insurance Portability and Accountability Act (HIPAA) and the subsequent passage of HIPAA administrative simplification regulations on the privacy of health information, compliance with federal law has generally become the benchmark for determining if a patient or individual's health information has been adequately protected. HIPAA standards, which prevent the dissemination of a consumer's health information without the consumer's permission (although there are a few exceptions), apply to all business associates of healthcare providers, including insurance companies, contract workers in healthcare facilities, and bill collectors. HIPAA has had a substantial effect on how healthcare providers do everything from calling patients in a waiting room to collect bills. Consumers should know their rights to protect their personal information and to obtain their own medical records. Programs that assist consumers also need to know both how to protect privacy and how to obtain relevant medical records for consumers whom they are assisting.
Issue Briefs and Articles on HIPAA Privacy from the Health Assistance Partnership
Government Resources on HIPAA Privacy
The Centers for Medicaid and Medicare Services (CMS) enforce HIPAA's privacy rules. Some of the pages the federal government maintains on privacy include:
