HIPAA

Patient data privacy and access resources

UPDATED | 4 Min Read

The AMA seeks to ensure that as health information is shared—particularly outside of the health care system—patients have meaningful controls over and a clear understanding of how their data is being used and with whom it is being shared. Above all, patients must feel confident that their health information will remain private.


Privacy by design for developers

AMA releases new guidance for health app developers on equitable data governance and collection.


Find best practices for efficiently providing patients with electronic access to medical records in one authoritative resource with the AMA's Patient Records Electronic Access Playbook.

The playbook covers elements, including requirements under HIPAA, to help practices provide patients with their own health information. Find legal requirementsreal-world scenariosthe world of appskey points to remember, and a patient records request flowchart.

Patients have a right to determine how and what parts of their health information is shared. Further, any individual or company seeking to access a patient’s most confidential medical information must comply with federal and state law and develop or have an established trusted relationship with the patient.

Stay informed and up-to-date about the ways the AMA protects patient information and patient privacy.

Patient checking in at a physician's office with patients and office staff wearing masks

AMA Privacy Principles (PDF)

Hand holding a smartphone

A case for privacy by design in app development (PDF)

Illustration of various smart phones, computers, and devices with locks and keys, representing cyber security.

AMA health data privacy framework

Information-blocking practices, which impede the secure exchange and use of electronic health information by practices, patients and doctors can stand in the way of providing quality care. AMA provides online resources for physicians on the information blocking rule that takes a deeper dive into integrating data sharing into medical practices and making medical records more easily available to patients.

The AMA has created a summary brief (PDF) of a new Final Rule released by CMS and ONC in late June implementing disincentives for physicians and other health care providers participating in specific Medicare programs that HHS has determined have committed information blocking.

Patient speaking to physician

Preventing patient harm (PDF)

Person talking on cell phone and looking at computer screen displaying an electronic health record.

What is information blocking? (PDF)

Stethoscope on tablet

How do I comply with information blocking? (PDF)

Hands scrolling on a tablet

Information blocking investigations and penalties (PDF)

Patients have the right to access their medical information. Access also improves the overall efficiency of the medical care team. Explore news, information, solutions and statements on EHR interoperabilityEHR usability and AMA patient privacy resources.

Physician with tablet

Patient Records Electronic Access Playbook

Illustration of a doctor inside a smartphone shaking hands with a patient, with examples of medical apps to assist.

The world of apps and EHR interoperability

Back view of a health care professional at a desk reviewing patients' records on various computer monitors

Operationalizing patient electronic access

In the digital age, personal health information is not always truly private. Social media platforms, wearable fitness trackers and apps collect health data that can be shared for advertising purposes and, when combined with medical records, allow for profiling and discrimination. AMA has adopted policies designed to help integrate mobile health applications and devices (also known as mHealth) into clinical practice.

Smartphone graphic

FTC warns health apps to comply with health data-breach rules

Data points used to draw graphic of hand with heart elevated above it

7 essentials to getting mHealth data into flow of patient care

Stethoscope and smartphone

How smartphone apps can protect users’ health info

Hand holding a smartphone

A case for privacy by design in app development (PDF)

As practices and health care organizations become increasingly digitized, physicians must be aware of HIPAA’s Privacy, Security and Breach Notification requirements, that protect the confidentiality of their patients’ medical information. 

Computer screen superimposed with a safe

HIPAA privacy and security resources

Close-up of gavel and scope resting on a desk.

HIPAA violations and enforcement

Man using touch-screen to learn about HIPAA.

HIPAA

Protecting information gathered in association with the care of the patient is a core value in health care. 

The AMA Code of Medical Ethics provides guidance to help physicians strike the balance with patient's rights and privacy. 

How to ethically utilize AI

When used ethically, augmented intelligence (AI) has the power to serve as a transformative and powerful tool for physicians.

 

Crowd walking over binary code

Code of Medical Ethics: Privacy, confidentiality and medical records

Stethoscope in the shape of a computer screen

Must physicians disclose personal health information to patients?

COVID-19 vaccine card

Use of patient registries during public health emergencies

AMA actively engages the administration, Congress and industry stakeholders in discussions on the future direction of regulatory guardrails that are needed to restore public confidence in data privacy protections. 

The AMA has provided several recommendations to strengthen medical data privacy and improve federal health information technology policy. Recent letters to the federal government include:

FEATURED STORIES

Three doctors in discussion walk down a hallway

4 actions health leaders must take to show doctors they are valued

| 6 Min Read
Stethoscope on an open book

Medical journals shine light on practices of predatory publishers

| 5 Min Read
 Hands applying a bandage to a young child's arm

What doctors wish patients knew about measles

| 12 Min Read
Bustling hospital corridor

Medicare pay cuts: How they endanger physician practices

| 6 Min Read