The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) is widely cited in the discussion of medical privacy, but many don’t fully understand what the law entails and how it applies to specific instances of interactions between patients and providers and the wider world.

Here are some of the key facts to know about HIPPA and how they apply to you as a patient.

What Information Does HIPPA Govern the Use of?

The provisions of HIPPA designate the proper management of what it terms “protected health information” under regulatory law. This can include but is not necessarily limited to treatment information, medical test results, prescription information and diagnoses.

Essentially, any bit of data that might indicate anything about your personal health status is likely to be covered under HIPPA. In a classic example, employers interviewing job candidates cannot legally ask about any communicable diseases that an individual might have (such as HIV) as this is privileged medical information and could be used in a discriminatory manner.

Facilitating Information Flow While Protecting Privacy


From a functional perspective, the aim of HIPPA is to provide a framework for information sharing that guarantees the protection of vital, highly personal medical information while simultaneously allowing the smooth sharing of this information as necessary for conducting business in the medical space.

In cases where patients transfer between providers or cases are referred to specialists, ensuring the timely delivery of accurate information is essential. This is what HIPPA achieves through its protocols.

De-Identified Health Information


Obviously, research institutes utilize data at large scales to conduct population-wide reviews of various diseases and their treatments in an effort to develop better prevention and treatment methods or to better understand the pathologies that lead to illnesses.

IN these situations, they often utilize what is called “de-identified health information.” This label applies to all data that is stripped of any personal information such as patient names, dates of birth, etc. This type of information does not fall under the Privacy Rule of HIPPA and can therefore be shared more freely.


HIPPA provides key protections for patients and providers to ensure that healthcare is delivered in a safe manner that does not expose sensitive data to outside individuals or groups that may use that information for nefarious purposes.