The right to privacy and confidentiality is protected by the U.S. Constitution.
Who owns health information? Few federal or state laws address this topic directly.
Protected Health Information (PHI) is considered to be individually identifiable health information.
In general, PHI can be released only with the written authorization or consent of the individual.
Under HIPAA, the Department of Health and Human Services issued the HIPAA Privacy Rule.
Everyone has a right to oral privacy.
A patient's signed authorization is not required under the Privacy Rule.
Providers today are using clinical applications such as computerized physician order entry.
There are a few circumstances when disclosure of PHI without a patient’s consent is justified.
The Notice of Privacy Practices (NPP) describes how your healthcare provider may use, disclose, handle, collect and protect your PHI.