By law, Medicare is required to protect the privacy of your personal medical information. When receiving health care services you may be asked to read and sign a written notice about privacy rules.
The Health Insurance Portability and Accountability Act (HIPAA) includes standards for the protection of certain health information. Under "The Privacy Rule", these standards address the use and disclosure of individuals' health information and individuals privacy rights to understand and control how their health information is used. The rules apply to how health care providers, pharmacies, health plans and other covered entities can use personal medical information. Covered entities under the HIPAA law are health care providers, health plans, and health care clearinghouses.
One major goal of the Privacy Rule is to assure that individuals' identifiable health information, or "protected health information" (PHI) is properly protected while still enabling the necessary flow of health information. The regulations apply to medical records and other PHI whether it is in oral, written, or electronic form.
You, as the patient, have the right to see your medical record and request corrections. You are also entitled to know how your personal medical information is being used as well as decide whether or not you want to be listed in a hospital directory. In addition, you can find out who has accessed your health records. If you feel your rights have been violated, you are entitled to file a complaint either with your provider or health plan, or by directly contacting the Office of Civil Rights of the Department of Health and Human Services.
For additional information visit, www.medicare.gov or call 1-800-633-4227.