What is HIPAA and who do I contact if I have further questions?

HIPAA is shorthand for the Health Insurance Portability and Accountability Act which contains privacy regulations affecting researchers collecting data from a covered entity, such as Baystate Medical Center. (UMass is a hybrid entity). These regulations provide significant new privacy protections for the health information of patients and research subjects including the following:

  • Gives patients more control over their health information.
  • Sets boundaries on the use and release of health records.
  • Establishes appropriate safeguards that health care providers and others must achieve to protect the privacy of health information.
  • Holds violators accountable, with civil and criminal penalties that can be imposed if they violate patients' privacy rights.
  • Strikes a balance when public responsibility requires disclosure of some forms of data - for example, to protect public health. For patients - it means being able to make informed choices when seeking care and reimbursement for care based on how personal health information may be used.
  • Enables patients to find out how their information may be used and what disclosures of their information have been made.
  • Generally limits release of information to the minimum reasonably needed for the purpose of the disclosure.
  • Gives patients the right to examine and obtain a copy of their own health records and request corrections.

HIPAA Frequently Asked Questions

If you have any further questions, please contact HRPO at 545-3428.

FAQ Topic: