Your Privacy Matters

Privacy and Health Information

You have privacy rights under a federal law that protect your health information. This law sets rules and limits on who can access your health information.

Who must follow this law?

• most doctors, nurses, pharmacies, hospitals, nursing homes and other health care providers and their vendors
  
• health insurance companies, HMOs and most employer group health plans
• certain government programs that pay for health care, such as Medicare and Medicaid
  

What information is protected?

• information put in your medical records
  
• conversations your doctor has with nurses and others regarding your care
  
• information about you in your health insurer’s computer system
• billing information about you at your clinic
  
• most other health information about you held by those who must follow this law
  

What rights do you have over your Protected Health Information (PHI)?

• right to access your PHI
• right to request an amendment to your PHI
• right to receive an accounting of disclosures of your PHI
• right to request restrictions on the use and disclosure of your PHI
• right to pay out of pocket for treatment without reporting to a health plan
• right to have reasonable requests for confidential communications of PHI accommodated
• right to notice of a breach of your PHI
• right to file a complaint with the Office for Civil Rights
• right to a written Notice of Privacy Practices (for a copy, visit whs.org or ask at registration)
  

What are the rules and limits on who can see and receive your health information?

To make sure that your health information is protected in a way that doesn’t interfere with your health care, your information can be used and shared:

• for your treatment and care coordination
• to pay doctors and hospitals for your health care and help run their businesses
• with your family, friends or others you identify who are involved with your health care or your health care bills, unless you object
• to make sure doctors give good care and nursing homes are clean and safe
• to protect the public’s health, such as by reporting when the flu is in your area
• to make required reports to the police, such as reporting gunshot wounds
  

Without your written permission, your provider cannot:

• give your health information to your employer
• use or share your health information for marketing or advertising purposes
• share private notes about mental health counseling sessions

Source: U.S. Department of Health & Human  Services Office for Civil Rights