Understanding the basic rules and regulations of HIPAA

August 01, 2017 in Uncategorized

A few weeks ago I was at the doctor’s office receiving my 20 week ultrasound. This was not my first ultrasound, but it was the first ultrasound with my new provider. I went into the ultrasound room with my mom, both of us ready to capture the images and video on our phones as we had with my previous provider. My excitement turned to confusion when we were told it would be HIPAA violation for me to video or photograph my ultrasound.

As a patient, the Health Insurance Portability and Accountability Act (HIPAA) is designed to protect my personal health information. Therefore, the employees at the provider’s office cannot video or photograph my ultrasound. But, as a patient, the images showing on the TV during the ultrasound are of me- meaning I have the right to photograph them, video the ultrasound live and do whatever I please with the footage. It is more likely the provider office does not want video or photo done in the ultrasound room because it is a distraction to ultrasound tech, but the policy should not be incorrectly referring to HIPAA as the reason for this rule.

It is apparent that many healthcare professionals have been given incorrect information about or misinterpret HIPAA rule and regulations. Today, I want to explore the basics of HIPAA rules and regulations in an effort to provide clarification.

HIPAA Rules CaptureProof

What is the reason for HIPAA?
HIPAA became law in 1996. At that time, no one could have predicted the ease of using a cell phone to share information. Regardless, the purpose of HIPAA is more relevant today than ever.

“The purpose of HIPAA is to improve the efficiency and effectiveness of the healthcare system by standardizing and protecting the communication of health information, with particular regard to: privacy, security and electronic data interchange.”

Who does HIPAA rules and regulations apply to?
HIPAA applies to certain Covered Entities, which include certain health care providers, health plans and health care clearinghouses. HIPAA also applies to business associates, such as CaptureProof, that are independent contractors or agents of a covered entity, such as a doctor or hospital, that receives or obtains protected health information on behalf of the covered entity.

What information is safeguarded under HIPAA rules and regulations?
Protected Health Information (PHI) is the personal health information protected by HIPAA. PHI is information regarding an individual's health that also contains information that can be used to identify who the individual is.

    It may include:
  • First and Last Names
  • Telephone/Facsimile Numbers
  • Medical/Health Plan Numbers
  • Dates (e.g. DOB, dates of treatment)
  • E-mail Addresses
  • Social Security Numbers
  • Addresses and other Geographic information
  • Medical Conditions
  • Diagnoses
  • Treatments
  • Prescriptions
  • Referrals
  • Photos
  • Videos
  • Doctor’s notes

The bottom line is that HIPAA rules and regulations are in place to protect patient information from being used or shared by covered entities and business associates in a manner that is not appropriate (not to prevent patients from documenting their own health, as suggested when I went in for my sonogram). HIPAA also provides patients the right to know, and control, how their health information is shared and used. Patients can learn more about their rights under HIPAA on the U.S. Department of Health and Human Services website.

Medical professionals must be aware of HIPAA rules and regulations at all times as violations of HIPAA can result in very large fines. For more information on HIPAA rules and regulations visit

Download our HIPAA Security White Paper!

HIPAA Rules CaptureProof


AESAHAAPMAAlzheimer's diseaseAmerican Academy of NeurologyAmerican Epilepsy SocietyAmerican Heart AssociationAmerican Podiatric Medial AssociationBYODBeth Israel Deaconess Medical CenterBig DataBloombergCBSCaptureCapture of the DayCaptureProofCare CoordinationCelebrityChristmasClinical TrialsCommunicationCreativityDIA2014DLSDecorationsDemoDesert FootDesert Foot ConferenceDiabetic Limb Salvage ConferenceDisruptionDisruptive InnovationElectronic health recordEmailEpilepsyExponential MedicineGeriatric HealthGeriatricsHIEHIPAAHIPAA RulesHIPAA appHITHarvardHealthHealth 2.0Health Acceleration ChallengeHealth ITHealth Information ExchangeHealth Information TechnologyHealth TechHealth TechnologyHealthBeatHealthcareHealthcare ITHealthcare PrivacyHealthcare SecurityHealthcare TechnologyHealthtechHolidayIn the NewsInfographicInternIntern for a DayInternsJaime HeywoodJohns HopkinsLunch&Learn FridaysMEDy AwardMedia RxMedical MediaMedstartrMeghan ConroyMole GrowthMost DisruptiveNational Dog DayNeurologyNewsObamacareOncologyPHIParkinsonParkinson's diseasePatient privacyPharmaceuticalPodiatryRebecca BrownRural HealthSafetySafety FirstSan DiegoSecurity FirstSingularity UniversitySocial MediaStart Up ChallengeStartupsStefano BiniStrokeTelehealthTelehealth AccessibilityTelemedicineTemplatesThanksgivingThe National 2014The See-and-KnowTravis McKnightTutorialsUHCUNCUpdatesVAVentureBeatVeteransVideoVideosVisual InformationWearable IntelligenceWebinarbi-weeklycardiologycloudePHIhealth securityiCloudiHealthBeatmHealthmobile healthnutritionobesityphotographyphotosprivacysecuritysee-and-knowshow-and-tellsmartphonestbtthrowback thursdayxmed

This website uses cookies to allow us to see how our website and related online services are being used. By continuing to use this website, you consent to our cookie collection. More information about how we collect cookies is found here.