Ohio.gov  |   State Agencies   |   Online Services
What is The Health Insurance Portability and Accountability Act (HIPPA)?

HIPPA protects patients’ medical records from becoming public knowledge. Medical records are private and anyone with access cannot share information with anyone except the patient. 

Who must follow this law:
  • All health insurance plans
  • Most healthcare providers
    (doctors, hospitals, nursing homes, pharmacies, dentists, psychologists, clinics)
  • Healthcare clearing houses:
    businesses that process health information they receive into a standard (or vice versa)
  • Companies that help pay the doctors for providing care
  • Companies that distribute health insurance plans
  • Lawyers, accountants, IT specialists
  • Companies that store/destroy medical records

Who does not have to follow this law:
  • Life insurance companies
  • Employers
  • Carriers of workers' compensation
  • Schools
  • State agencies
    (i.e. child protective services)
  • Law enforcement
  • Municipal offices

Rights you have over your health information:
  • Receive a copy of your health records
  • Request corrections to your health information
  • Receive notice how/why your information could be used/shared
  • Decided if you would like to give permission to have your information shared for certain purposes
  • Receive a report on when/why your information was shared
What information does HIPPA protect?
  • Information healthcare providers put into your medical records
  • Conversations between healthcare providers about treatment
  • Medical information held by your insurance company

How your health information can be used/shared:
  • For your treatment and care
  • To pay doctors and hospitals who have treated you
  • With those you have identified as involved with your healthcare (family, friends, etc.)
  • Protect public health (i.e. reporting the presence of illnesses in the local area)
  • Report required information to police