Health Insurance Portability & Accountability Act (HIPAA)

Learn about laws and legal protections that impact the hereditary cancer community. Learn how to file a grievance or complaint.

Stay up to date on research and information

Sign Up for FORCE Newsletters

Privacy, Policy & Legal Issues > Laws & Protections > Privacy & Nondiscrimination

HIPAA protects medical records & other health info

The Health Insurance Portability and Accountability Act (HIPAA) is a law that provides privacy standards to protect patients' medical records and other health information. HIPAA gives you rights over your health information, including the ability to get a copy of your medical records or other information.

HIPAA includes a privacy policy that requires health care professionals to notify you about your privacy rights and how your information can be used. The privacy rule provides for sharing your medical information (including genetic test results) for certain reasons, including the release to insurance companies for payment. In most cases, the policy requires your permission before your health information can be shared with other individuals or organizations.

It is important to read and understand your health care providers’ policies and any medical release forms before signing them.

HIPAA does not apply to life insurers, law enforcement agencies and many government agencies. Some states have laws that provide additional protections for health information.

Filing a Complaint

If you believe that your health information privacy rights have been violated, you may file a complaint with the U.S. Department of Health & Human Services Office for Civil Rights (OCR). OCR can investigate complaints against HIPAA-covered parties including health plans, health care clearinghouses, health care providers and their business associates.