Health Insurance Portability and Accountability Act
n. (abbr. HIPAA)a United States law (Public Law 104–191) governing the privacy of personal health records and informationPatzwald and Wildt 2004, 97Research use of medical records has recently become subject to guidelines issued by the federal government under provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), a law that is designed to protect patient confidentiality. The act includes provisions for the use of some records for research without patient authorization when patient identifiers have been removed.Behrnd-Klodt 2008, 143In HIPAA, Congress addressed concerns over personal privacy, the potential misuse of genetic information, and the ready ability of technology to share health care data.Kunde 2008, 193–194HIPAA contains specific guidelines on the maintenance and disposal of medical information, and any academic institution with a teaching or research hospital affiliated with it must address the HIPAA records requirements.Bingo 2011, 520One other useful aspect of contextual integrity in terms of access is that it defines attributes, such as roles and activities, that may be used to support rulebased access. Phoebe Evans Letocha, for example, argues that role-based access may be useful in determining appropriate access to medical records. Based on rules that take into consideration laws like HIPAA, access may be automated so that electronic access observes legal and social norms.White 2012, 120The Health Insurance Portability and Accountability Act (HIPAA) prevents archivists from providing access to medical records or other health related records created and maintained by institutions such as hospitals, medical clinics, and insurance companies. Congress passed HIPAA in 1996 to prevent people from accessing individuals’ health records in the wake of new technologies and media such as the Internet.
Notes
Archivists most commonly refer to the Privacy Rule within HIPAA to determine whether researchers are permitted access to personal health and medical records and information.
