All individuals have the right to privacy regarding their health information. As healthcare professionals, you are responsible for protecting all health information in your possession, sharing it only with those who are authorized to receive it. Patients have the right to decide who, when, and where information about their health care should be shared.
Private information is shared with health care professionals with a sense of trust that the information will not be shared in an inappropriate or illegal manner. The circumstances under which medical information can be shared is agreed upon in advance of medical services. The patient is made aware of these circumstances and agrees to the sharing of information with the disclosed parties.
In the United States, the Health Insurance Portability and Accountability Act (HIPAA) protects patients' rights with respect to their health information. HIPAA:
- Requires reasonable security measures to protect individuals' health information.
- Establishes accountability for use and release of this information.
- Gives individuals rights regarding their health information.
If a healthcare facility is located in the United States, accessing and/or sharing confidential patient information with unauthorized persons is in violation of HIPAA. Respecting the privacy of an individual's health information is therefore not only an ethical obligation but also a legal obligation.