What to know
Health information is regulated by different federal and state laws, depending on the source of the information and the entity entrusted with the information.
Highlights
The Family Educational Rights and Privacy Act (FERPA) and Health Insurance Portability and Accountability Act of 1996 (HIPAA) are federal laws. FERPA and HIPAA regulate privacy and the exchange of specific types of information. The work of healthcare providers, school personnel, and others often intersects with FERPA and HIPAA. It's important to understand these laws and know when they apply.
- Learn more about the Family Educational Rights and Privacy Act (FERPA)
- Learn more about the Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Glossary
- Permitted disclosure means the information can be, but is not required to be, shared without individual authorization.
- Protected health information or individually identifiable health information includes demographic information collected from an individual and 1) is created or received by a healthcare provider, health plan, employer, or healthcare clearinghouse and 2) relates to the past, present, or future physical or mental health or condition of an individual; the provision of healthcare to an individual; or the past, present, or future payment for the provision of healthcare to an individual; and (i) That identifies the individual, or (ii) With respect to which there is a reasonable basis to believe the information can be used to identify the individual.
Download the Infographic
- Laws and Guidance: Frequently Asked Questions. US Department of Education.
- Health Information Privacy. US Department of Health and Human Services.
- HIPAA Enforcement. US Department of Health and Human Services.
- For More Information: Department of Health and Human Services' HIPAA website
- United States Department of Education's FERPA website