If you plan on becoming a healthcare professional within the U.S., you must be well-acquainted with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This five-section document is so important that healthcare professionals are required to receive training annually.

If you‘re familiar with AMO clinical experiences, you may have noticed that certain programs include HIPAA training at the onset of the experience. Prospective visitors frequently ask what this training is and why it’s so important. Below is some information on what exactly HIPAA is and why some hospitals and clinics require visitors to be well versed in it before they can fully participate in their rotation.

Overview of HIPAA

HIPAA was created to improve the sharing of medical information across covered entities while protecting patient privacy. Parties covered by HIPAA include healthcare providers, health plans, business associates, and individual patients. The rules and regulations these parties must follow are covered in five titles, but the most important title for healthcare providers and patients are embedded in the second title, Preventing Health Care Fraud and Abuse; Administrative Simplification; Medical Liability Reform.

Subsections within this tile include the Privacy Rule and Security Rule. The next section covers both rules more deeply.

Patient Privacy Rule

For healthcare professionals, the most important HIPAA section pertains to the protection and privacy of case-sensitive patient information. Healthcare providers cannot share or case information to unauthorized parties. It is also against the HIPAA laws to access patient information outside the needs of a specific case.

HIPAA also requests that physicians maintain a strictly professional relationship with the patients they treat. This means healthcare professionals should avoid building personal relationships with patients in person and online. Physicians are also not allowed to provide in-depth responses to online reviews left by patients.

Under HIPAA, patients have the right to access their personal medical records. Patients are also allowed to set who has access to their records and request record changes.

Security Rule

To keep sensitive information safe, hospitals, clinics, insurance companies, and providers must keep records secure, whether they be paper or electronic. The U.S. Department of Health and Human Services requires many security measures to be put in place and reviewed to ensure its validity. For more information on these procedures, visit the HHS’s website.

Additional HIPAA Sections

The first, third, fourth, and fifth titles of HIPAA, while still important to understand, should not directly impact physicians and their provision of care. These sections deal with health insurance and government taxation. For additional information on these HIPAA sections, click here.


Interested in learning more about HIPAA? Depending on which clinical experience you select, your program curriculum could include it!

Apply for clinical experiences with AMO >