Misconceptions about HIPAA and Medical Records


After the initial introduction of the Health Insurance Portability Accountability Act (HIPAA) in 1996 when is was intended to protect a patient’s access to insurance, additional rules were added over the years to address the increase in the electronic sharing of medical records. 

Here are some misconceptions about HIPAA and how they affect patients.

Myth 1: HIPAA Forbids Sharing of Information with Family Members

This is not the case and is a common misconception which exists due to the complexity of the legislation. Rather than try and ensure that they are compliant, a lot of health care providers just refuse to share your information with a family member or anyone else.

However, this is not the case. If you allow specific permissions, in writing, records can be shared with anyone you wish to have access.

Myth 2: Copies of Health Records can only be given to Patients or Caregivers 

There are lots of people and groups that may access a patient’s medical records without a patient’s permission, some legally and some illegally.

Myth 3: If an Employers is Providing Healthcare then they can obtain an Employee’s Records

This is forbidden whether the employer participates in an outside insurance plan, or is self-insured, if it interests you, you can read more about it on https://www.hipaaguide.net/.

Myth 4: Doctors are Forbidden from Exchanging Email With Their Patients by HIPAA

As was previously mentioned, the complexity of HIPAA means that some Doctors will just refuse to do this due to fear. However, HIPAA does not forbid this and requires only that health information is 100% secure.

Myth 5: HIPAA states that you are entitled to all of your medical records

Some medical records may be withheld and not provided to you if the provider had a valid reason to believe that they may be harmful to you.

Myth 6: You can take a legal action to gain access to withheld medical records

The U.S. Department of Health and Human Services (HHS) has a procedure for patients to follow if they believe their rights have been breached. While it does not allow for a legal action it does include filing a formal complaint through an online process.

Myth 7: Privacy and Security for All Medical Records is taken in account in HIPAA Legislation

This is only true in certain situations however technically healthcare providers, healthcare facilities, and sometimes insurers are the only entities bound by HIPAA laws.

 Myth 8: Any Errors Found in Patient Records be Amended as per HIPAA

While you do have a right to request changes to your records, there is nothing legal to say that they must be corrected. You may write a dispute letter about the errors you have found and the provider or facility in question must include your letter in your patient file.

Myth 9: Medical Records Will Not Impact your Credit History

Healthcare suppliers may do whatever is legal under bill collecting statutes to collect that debt arising from medical treatment. This may include turning your files over to a collection agency.

Myth 10: It is Illegal for Medical Information to be Sold or Used for Marketing Purposes

This is not the case. If permission is obtained then, in some cases, it may be used for marketing.

Myth 11: HIPAA Can Be Used as Reason to force Patients into a certain course of action

HIPAA cannot be used to either prevent or require a patient to do a certain thing. This is not the case.

Leave a Comment