Install App?
rxless logo
Install Not Now
rxless logo

Use Google Chrome to get the RxLess app

rxless logo

RxLess app successfully installed!

App installation banner

Guess what? HIPAA isn’t a medical privacy law.

Updated on October 19th, 2022

Save up to 88% on your medications

Written and medically reviewed by Dorcas Morak, Pharm.D

You want to know how securely HIPAA Law and Privacy Rule protect your protected health information. HIPAA doesn’t cover in all cases the protected health information you have shared with your employer, health care provider, health tracking app, etc. Although the HIPAA Law and Privacy Rules have been in place since 1996 to prevent the disclosure of sensitive information, they do not cover all scenarios.

Read on to understand where HIPAA applies and where it does not.

What is the HIPAA Law and Privacy Rule?

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) set federal standards to safeguard identifiable health information (protected health information) to protect patient confidentiality. The rule applies to health plans, health care clearinghouses, and health care providers.

How Does the HIPAA Law and Privacy Rule Work?

HIPAA keeps your identifiable health information private and protects your confidentiality by requiring patients care organizations to get your consent before sharing your health record with another entity. The concerned entity can’t share your protected health information without your consent unless for research, billing, insurance, and providing care. You may give your consent by filling out a HIPAA form when you are giving your health information to your caregiver.

What Does the HIPAA Law and Privacy Rule Cover?

HIPAA prevents sharing the protected health information that you disclose to health plans, health care clearinghouses, and health care providers that conduct certain health care transactions electronically. If the identifiable health information such as name, address, date of birth, Social Security number, phone’s permanent ID number, etc. is removed, HIPAA does not apply again.

Does HIPAA Protect You Talking to a Doctor?

The sensitive information you disclose to doctors, clinics, dentists, psychologists, nursing homes, hospitals, and other healthcare providers is protected by HIPAA. Also, such information is protected if you share it with their business associates such as billing companies and online patient portals. However, the rule may not apply to caregivers that don't use insurance but their professional and state medical privacy rule will still prevent them from sharing your information.

Does HIPAA Protect the Sensitive Health Information You Disclose to the Insurance Company?

HIPAA rule applies to Health Insurance companies. However, sensitive health information you disclose to other insurance companies like Life Insurance Company is not protected by HIPAA.

Does HIPAA Protect you at the Drugstore?

HIPAA protects your information about the prescription medications you fill from the pharmacy, but it does not apply to over-the-counter medications (OTCs). Whether your information from the nonprescription counter is protected depends on how the pharmacy operates. For example, if the pharmacy uses a single computer for both prescription medications and OTC your information will be protected. However, if they use a different computer, the information related to your OTC medications isn't covered.

Does HIPAA Apply to Mobile apps used for Health and Fitness Purposes?

HIPAA does not apply to health data you check, store, or interpret with a mobile app you use for health tracking purposes. For example, fitness apps like The Activity app on your Apple Watch, an app you use to track your menstrual cycle, etc.

Does HIPAA Protect You Talking to your Employer or School?

HIPAA does not apply to the health information you disclose to your employer and school. Though you can be protected by other laws like Family Educational Rights and Privacy Act at schools.

Does HIPAA Protect you When you Seek Treatment for a Miscarriage?

More especially in a state where abortion is restricted or illegal, HIPAA may not apply to information related to miscarriage. The doctor may report you to a law enforcement agency if they sense the miscarriage is a result of induced abortion.

Note that HIPAA states that covered entities may — but are not required to — comply with requests from law enforcement for patient information. Furthermore, the recent HHS guidelines specify that if state law forbids abortion but doesn’t explicitly require health care providers to report it, any health care provider who reports it has violated HIPAA rules.

Does HIPAA Protect your Health Data when Required by Law Enforcement Agencies?

HIPAA doesn't protect your health data if formally requested for a legal issue. However, if your health care providers think more than necessary information is being asked, they can make a formal objection.

Does RxLess Protect My Privacy?

At rxless, we know that the less your information is shared, the more you’re protected. That’s why no personal information is ever required to use our discounts. All you need to do is use our search tool to find the best price in your area, show your pharmacist the free prescription discount card or coupon, then save instantly on your medications.

To be sure you understand exactly how we help to keep your private health information private, read our Privacy Policy.

Was this article helpful?

Related Articles