Content starts here


How HIPAA Can Maintain Privacy, Enable Exchange of Electronic Health Records and Improve Patient Care at the Same Time

HIPAA Regulations
Getty Images/iStockphoto

have gone digital, replacing paper medical records with electronic ones. For consumers, this should have meant that complete and up-to-date medical files seamlessly flow between physicians and follow patients from one doctor to the next.

In reality, many health care providers don’t exchange electronic health data, in part because they misinterpret the 1996 Health Insurance Portability and Accountability Act (HIPAA) privacy rules as saying that it’s illegal. Some may also be playing it safe, as violating the law — even unintentionally — could result in hefty fines.

The result? Information necessary for patient care is often not available to the right clinician at the right time. Misinterpretation of HIPAA can also create obstacles for family caregivers who do not get the information they need to care for their loved one at home. It does not, however, have to be this way because HIPAA is not a roadblock: It already goes a long way to enable an effective and confidential flow of digital information.

HIPAA: Clearing things up

Safeguarding consumer health information is critical. HIPAA ensures that unauthorized individuals do not get hold of electronic health records and guarantees peoples’ access to their own medical information.

HIPAA also sets rules for how health care providers (and others such as health insurers) can safely use personal health information, including electronic health data. To protect the privacy of medical files, consumers generally must authorize clinicians to share electronic health records. But the law does not prohibit health care providers from sharing digital medical records that are necessary for patient care. Clinicians can exchange such information without prior consent, although patients have a right to object to their records’ transfer.

Better care for consumers

For consumers, the potential benefit is immense. Thanks to HIPAA, hospitals can share patients’ digital records with nursing homes, for a smooth transition to follow-up care. The rules also mean that care team members spread across multiple settings can exchange digital health data to better coordinate care for patients with complex needs.

With real-time medical data right at their fingertips, clinicians can also avoid unnecessarily duplicating tests, stay away from drugs already proven not to work, and effectively monitor patients’ recovery once they leave the hospital for rehab — all of which leads to better health and safer care for consumers.

Misconceptions about HIPAA are only one of many barriers to clinicians’ routinely exchanging patients’ electronic health records. But clearing up such misunderstandings would get patients a great deal closer to reaping the full benefits of the digital revolution that has swept through doctors’ offices and hospitals.

Photo:  iStock

Claire Noel-Miller, AARP



Claire Noel-Miller is a senior strategic policy adviser for the AARP Public Policy Institute, where she provides expertise in quantitative research methods applied to a variety of health policy issues related to older adults. 






Jane Sung is a senior strategic policy adviser with AARP’s Public Policy Institute, where she focuses on health insurance coverage among adults ages 50 and older, private health insurance market reforms, retiree coverage, Medicare supplement insurance and Medicare Advantage.


Search AARP Blogs