‘HIPAA does not give you a get-out-of-jail-free card’: What the health-privacy law does (and doesn’t) protect – By Meera Jagannathan (Marketwatch) / Oct 10 2020
Because President Donald Trump is receiving health care from a ‘covered entity,’ his information would be protected under the law, experts said
The clamor for information about President Donald Trump’s COVID-19 prognosis once again thrust HIPAA, a decades-old health-privacy law, into the spotlight. But it’s worth understanding what patient information the federal law does and doesn’t protect — and when it’s completely irrelevant to the topic at hand.
HIPAA, short for the Health Insurance Portability and Accountability Act, was enacted in 1996 and went into effect in 2003. Broadly speaking, it is a federal health-care privacy law that shields individuals’ protected health information from release by health-care providers without the individual’s permission, Margaret Foster Riley, a professor of law at the University of Virginia School of Law, told MarketWatch.
Its rules “essentially provide for the privacy and security of personal health information held by traditional health-care providers — so doctors, hospitals, pharmacies,” said Nicolas Terry, the executive director of the Hall Center for Law and Health at Indiana University. “It restricts the sharing of personal health information that’s identifiable to persons involved in the care of the patient, and in some cases some sort of billing and quality-control issues.”
HIPAA has exceptions, Terry added. The subject of the medical record, for example, can authorize a health-care provider to share the information more broadly if they choose. And the law has provisions by which information can be shared with public-health authorities, the legal system and some other entities, he said.
Continue to article: https://www.marketwatch.com/story/hipaa-does-not-give-you-a-get-out-of-jail-free-card-what-the-health-privacy-law-does-and-doesnt-protect-11602274148?mod=home-page