The Health Insurance Portability And Accountability Act Of 1996 created a national standard for the use of patients’ health records and other related data. This Act, also known as “HIPAA”, requires all medical institutions to implement policies and security procedures to maintain with strict privacy patient records, identification numbers and other potentially sensitive information.
HIPAA protects the privacy of patients' medical records and other health information maintained by covered entities: health plans, which include many governmental health programs, such as the Veterans Health Administration, Medicare and Medicaid; most doctors, hospitals and many other health care providers; and health care clearinghouses. These standards provide patients with access to their medical records and with significant control over how their personal health information is used and disclosed.
The HIPAA Security Rule establishes national standards for the security of electronic protected health information. The final rule adopting HIPAA standards for security was published in the Federal Register on February 20, 2003. This final rule specifies a series of administrative, technical, and physical security safeguards for covered entities to assure the confidentiality of electronic protected health information.
More information about how your medical information may be used and disclosed and how you can access your information can be found here: http://www.hhs.gov/hipaa/index.html