What Does HIPAA Mean for Patients?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a law that protects your health information. This law may not have made big changes in your doctor’s behavior, but it set national standards so that all patient information is covered by the same privacy rules. Before this law was passed, different healthcare facilities might follow different rules and procedures. Now all healthcare providers in the United States follow the same rules. 

Under HIPAA, healthcare providers cannot share protected health information without permission from the patient. There are some exceptions, such as law enforcement inquiries or communication with others involved in patient treatment, but in general, HIPAA ensures that your health information is kept private.


Your health information is also made available to you under HIPAA. You have a right to look at your medical records and to have them sent to another person (such as a relative or another healthcare provider) when you ask to have this done. 

If you have the information sent to a third party, however, your healthcare provider is not responsible for the security of that information. 


Your healthcare provider may not share information with another person if you do not want them to. For example, your employer cannot call your doctor and ask questions about your health without your permission. Your doctor will not answer questions of this kind. 

Your health information also cannot be used for marketing purposes. That is, a salesperson can’t get a list of patients with hearing loss and send a mailing to those people to sell hearing aids. 


The portability mentioned in HIPAA applies to health data. Records from one doctor will be sent to another doctor when a patient requests that sharing. Since health data is portable, you can carry your health records (or have them transmitted electronically) from one healthcare facility to another. 

HIPAA doesn’t cover every kind of health information. For example, your employer, school, or doctor can ask whether you’ve been vaccinated. Your Apple Watch or Fitbit information is not covered by HIPAA. But HIPAA makes certain that you have access to your medical records and that they are protected.