Thomas Germain of Consumer Reports writes:
You hear about HIPAA all the time. The Health Insurance Portability and Accountability Act is described on forms at the doctor; it’s referenced in privacy policies; it’s even mentioned on the news. Unfortunately, one of the most common things you hear is a misconception. Many people believe that HIPAA creates special protections for any information related to your health, but that is not the case.
“HIPAA doesn’t actually protect medical data” in all circumstances, says Anna Slomovic, a data management and policy consultant whose specialties include health privacy. “People think that it’s sensitive data, and therefore it’s protected, but that’s just not true.”
The law, which was enacted in 1996, was largely concerned with issues like helping people maintain health insurance when they change jobs. It does lay out privacy rules for health care providers and insurance companies to follow when they handle personally identifiable medical data. However, the same piece of information that’s protected at a doctor’s office can be totally unregulated in other settings.
I’ve been writing about HIPAA for years, and more often than not when someone mentions a situation where they think the law protects their privacy, they’re wrong.
Read more at Yahoo!