HIPAA, or the Health Insurance Portability and Accountability Act, is a law designed to safeguard the protected health information, including medical records, of individuals, according to the U.S. Department of Health & Human Services. HIPAA also provides rights to individuals for amending their medical records.
All entities that store or use the medical records of individuals, including clinics, hospitals, health insurance companies and contractors of any of these entities, are subject to HIPAA regulations, states the U.S. Department of Health & Human Services. Employers, law enforcement and schools are some of the entities that do not have to follow HIPAA laws. Individuals are allowed to obtain copies of their medical records and must give permission to the HIPAA-covered entities before those entities can share health information.
Another aim of HIPAA laws is to prevent misuse of patient records by increasing the efficiency of data management systems, explains personal insurance expert Bobbie Sage for About.com. Agencies required to follow HIPAA regulations must implement steps to maintain the security of patient health information. Safeguards include key card systems to track the individuals who have access to protected health information and secure electronic transaction systems to ensure any information sent electronically is equally protected. Limiting the disclosure of information to certain individuals is another way to protect health information, notes the U.S. Department of Health & Human Services.