Skip Navigation

Section 18: The Health Insurance Portability and Accountability Act

The information collected from and about a patient is very sensitive. It is used to care for the patient and should be shared only with those involved in the patient's care. The School of Medicine is committed to maintaining patient privacy and confidentiality. The only exceptions to this rule are when the patient consents to or authorizes release of the information or when a law or regulation requires or authorizes use or disclosure. While all patient information must be protected, certain laws require additional security for extremely sensitive records such as those relating to alcohol or substance abuse, mental health treatment and human immunodeficiency virus.

The Health Insurance Portability and Accountability Act of 1966 [HIPAA] provides federal patient privacy and security rules. Residents should all be familiar with these rules and the policies regarding patient confidentiality, privacy and security. Residents will be provided information regarding HIPAA during orientation.

Patients have rights to keep health care information about themselves from being inappropriately used and/or disclosed.

CONFIDENTIALITY is the responsibility for limiting use or disclosure of private matters such as health care matters and releasing the information with the authorization of the patient.

PRIVACY is the right to be free from intrusion into one's private affairs and to maintain control over personal information.

SECURITY is the ability to control access to patient information and protect it from destruction, loss or unauthorized access.

MINIMUM NECESSARY although does not apply for Treatment purposes, providers should only access patient information as part of their necessary job duties/functions. 

Failure to abide by the policies regarding patient confidentiality, privacy or security are grounds for discipline up to and including termination from the residency training program.

If you have questions or concerns about patient confidentiality, privacy or security, call the office of compliance programs @ 404-778-2757.