Call Us

What Should You Know About HIPAA Guidelines?

An overview of how this law protects your health coverage and health records

Key Takeaways

  • Purpose

    The primary purpose of HIPAA is to protect healthcare coverage and medical information.

  • Parts of HIPAA

    HIPAA has two parts, Title I and Title II, that protect pre-existing health conditionA pre-existing condition is an illness, injury or other medical condition you had before you enrolled in your health insurance policy. coverage and how your medical information is shared electronically.

  • Authorization

    Hospitals and medical practices should not release any of your medical information without permission, according to HIPAA.

  • Individual Health Plan

    HIPAA guarantees you the right to purchase an individual health insuranceIndividual health insurance is coverage, purchased by you, that covers you and your family's medical needs. This type of insurance is offered and sold by private companies..

Wooden blocks with the letters HIPPA.

What's the Purpose of HIPAA?

The primary purpose of the Health Insurance Portability and Accountability Act (HIPAA) is to help you keep health insurance coverage and protect your personal medical information. HIPAA includes two parts: Title I and Title II.

Title I focuses on the “Portability” part of HIPAA. Title I provides people with pre-existing medical conditions the ability to change health insurance plans without losing coverage. This section of the law is helpful to anyone that loses or changes their job. The “Accountability” part of HIPAA, called Title II, focuses on your medical records’ security and storage.

What's Protected?

New health insurance plans typically exclude coverage [1] for pre-existing health conditions. The exclusion can last up to a year and is called an “exclusion period.” If you change jobs and enroll in a new insurance plan, HIPAA protects you from the exclusion period.

The only exceptions to HIPAA protection are:

  • You were covered for less than one year under your old insurance plan.
  • You did not have a gap in health insurance coverage for more than 63 days before joining the new policy.

If you were enrolled in a health insurance plan for less than one year, it’s not all bad news. The exclusion period can be reduced. For example, six months of coverage before you switch plans can reduce your exclusion period by six months.

Does HIPAA Work with All Health Insurance?

It’s essential to know the term “creditable coverage.” Most group and individual health plans, including Medicare and Medicaid, are considered creditable coverage under the HIPAA law. You can contact your old health insurance company and request certification of creditable coverage at any time.

To be considered “HIPAA-eligible” to purchase individual health insurance coverage, you must:

  • have had at least 18 months of continuous creditable coverage [1]
  • have used the entirety of your COBRA coverage
  • not be eligible for Medicare, Medicaid, or a group health plan
  • not have health insurance
  • apply less than 63 days after losing your previous health insurance coverage

If you meet all of these requirements, you cannot be denied individual health coverage in your state regardless of health status.

Healthcare Privacy

Healthcare privacy is part of Title II, and it focuses on three important rules.


The Privacy Rule

This rule protects your personal health information, including your medical record and payment history. It requires care providers, health plans, and other organizations to get authorization before sharing any information. It allows you to request access to your Personal Health Information (PHI).


The Security Rule

This rule protects your PHI when it’s shared or stored electronically. Care providers and organizations are required to follow specific security guidelines to secure and protect your information. This rule limits access to your information.


Transaction and Code Sets Rule

This rule is designed to make sure Medicare health insurance claims and payments are handled quickly and consistently.


Can Doctors Share My Information with My Family?

Yes. As long as you do not object, your healthcare provider is allowed to share or discuss your health information with your family, friends, or others involved in your care or payment for your care. In most cases, a provider will ask your permission or tell you he or she plans to discuss the information and provide an opportunity for objection.

What Type of Insurance Is Not Covered Under HIPAA?

HIPAA does not include employer-funded group health plans with less than 50 participants, and government-funded health centers. Also, HIPAA does not include works compensation plans and liability insurance plans.

What is ‘Health Information?’

Under HIPAA, “health information” is anything that is created or received by a health care provider, health plan, employer, school or university and relates to:

  • Your past, present, or future physical or mental health
  • Treatment provided to you
  • Any past, present, or future payment for healthcare an individual receives.

This health information can exist in any form, including paper, electronic, or oral.

What's Next?