Departments & Programs,UW Hospital and Clinics,Compliance,Privacy,HIPAA

Introduction to HIPAA Privacy Rules

Introduction to HIPAA Privacy Rules - Departments & Programs, UW Hospital and Clinics, Compliance, Privacy, HIPAA


Understanding the HIPAA Privacy Rules Starts With Understanding What Patient Information Is 

The HIPAA privacy rules tell you what you can and cannot do when you are around confidential patient information (which is also called "protected health information" or "PHI"). 

Patient information is information with a patient's name or other identifier attached to it (such as medical record number, birth date, social security number, photo and so on). If information does not identify a patient, then it is anonymous information, and workers can use it without worrying about HIPAA rules. The HIPAA privacy rules only apply to information that identifies a patient, i.e., patient information. 

Patient information may be written, spoken or electronic. An example of written patient information is a medical record chart. An example of spoken patient information is two employees in an elevator talking about a patient. An example of electronic patient information is a prescription that is saved on a computer disk or that is sent by email. 

Read more about patient information or PHI 

Any Worker Could Violate Patient Privacy, So We All Must Follow the HIPAA Privacy Rules 

Any worker could walk by a wastebasket with patients' documents inside, or could overhear patients talking about their health in a public area. If any of us read patient documents taken from a wastebasket, or told a friend what we overheard patients saying, then we would be violating patient privacy. Because any worker could violate patient privacy, the government requires all of us to learn HIPAA's privacy rules. 

Real-life privacy violations

The Privacy Rules Discussed 

The following discussion tells you what you need to know about the HIPAA privacy rules.