What is HIPAA?

The HIPAA stands for The Health Insurance Portability and Accountability Act. This federal Act protects the privacy of patient information from third parties. Therefore, most healthcare providers such as healthcare insurance companies, hospitals, etc. can only disclose patient information in cases when the HIPAA allows the disclosure. Under the HIPAA, apart from disclosing the patient’s information for treatment purposes, only “the minimum necessary to accomplish the purpose of the disclosure” can be revealed.
Additionally, to further the goal of information security, as part of HIPAA, more incentives have been created for hospitals and insurance companies to transition to keeping electronic medical records under the HITECH Act.

What Is the Employer Allowed to Know Under the HIPAA?

Under the Act, an employer may, for example, ask for information that pertains to an employee’s doctor’s note for requested time off or information that would affect health insurance benefits. Anything else would require the written approval of the employee in order to be revealed.

What is the Privacy Rule Under the HIPAA?

The Privacy Rule under the HIPAA is a national standard that is applied throughout the nation to protect the confidential information of employees. The Rule gives every person the rights over his or her health care information, including the right to gain access to those records and make requests about changing the records.

What Is Covered Under HIPAA?

Generally, a person’s “health information” is covered under HIPAA. This information includes the entire history of a person’s conditions, treatments and expenses on healthcare. It also includes the person’s demographic information, Social Security number, address and name.
HIPAA does not cover, however, information available publicly.

How Do I File a Complaint Under the HIPAA?

HIPAA complaints are filed with the U.S. of Health and Human Services Office for Civil Rights. A complaint has to be filed on the OCR website or by mail or fax. It has to be filed within 180 days of the occurrence of the event that the complaint concerns. The 180 days window may be extended if “good cause” is shown.
HIPAA prohibits any kind of retaliation against the complainant, and, therefore, any retaliation should also be reported to the OCR.

EPGD Business Law is located in beautiful Coral Gables, West Palm Beach and historic Washington D.C. Call us at (786) 837-6787, or contact us through the website to schedule a consultation.

*Disclaimer: this blog post is not intended to be legal advice. We highly recommend speaking to an attorney if you have any legal concerns. Contacting us through our website does not establish an attorney-client relationship.*

Share this post

Eric Gros-Dubois

Eric P. Gros-Dubois founded EPGD Business Law in 2013 and is the current head of the firm’s corporate, estate planning, and tax practice, and manages the firm’s Washington D.C. office. With a JD and MBA, and a specialization in finance, Eric is able to step back and view the legal world through a commercial lens while also acting as a trusted business advisor for his clients. He does his best to be solutions oriented, and tries to think like a business owner, not just a lawyer.


*The following comments are not intended to be treated as legal advice. The answer to your question is limited to the basic facts presented. Additional details may heavily alter our assessment and change the answer provided. For a more thorough review of your question please contact our office for a consultation.

Leave a Reply

Your email address will not be published. Required fields are marked *



Contact Us

"*" indicates required fields