What Is Health Care Privacy Law?

Health Care Privacy Law

Today, health care privacy law is driven by the 1996 Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule. This federal privacy rule establishes protections for specific patient health information. Health care plans, clearinghouses, and providers are subject to the law.

Under HIPAA, health care providers offer patients a choice about how their health information is disclosed for certain purposes, such as treatment and payment. In conjunction with HIPAA, providers must still follow any additional federal and state health care privacy laws that require patient consent prior to information disclosure.

A major goal of the Privacy Rule is to ensure that individual information is properly protected, without stopping or slowing the flow of health data. In addition, the Federal Trade Commission (FTC) has a Health Breach Notification Rule requiring businesses not covered by HIPAA to notify customers following a breach of individually identifiable electronic health information.