Skip to main content

How your healthcare privacy is protected

Two women talking in an office setting.

Dec. 2, 2019—To take care of you, healthcare providers keep track of a lot of personal information—like your health conditions, test results, procedures you've had and hospital stays.

All that information goes into your medical records—and it helps providers give you better care.

But in an age of data breaches, you might be understandably concerned about your privacy. Here's what you should know about how your medical records are handled and your rights to your own information.

Who can see my health information?

First and foremost, you. It's your right to get a copy of your medical records. You may need to put the request in writing first. While your provider can't charge you a fee for retrieving your records, you may have to pay for the cost of copying and mailing.

Your information may also be used by and shared with others, including:

  • People who need it to treat you or coordinate your care.
  • People who use it to bill your health insurance or pay providers.
  • Family or friends you give permission to be involved in your healthcare.
  • Agencies that monitor the safety and quality of healthcare.
  • Public health authorities who monitor outbreaks of diseases like the flu.
  • The police, to follow up on reports of things like gunshot wounds.

Without your OK, your providers generally can't use your information in other ways. For instance, they can't:

  • Share information with your employer.
  • Use your information for marketing or advertising.
  • Sell your information.

How do I know if someone has seen my records?

You have the right to request a list of the times when your healthcare provider or health plan has shared your information with another person or organization. This is called an "accounting of disclosures."

According to, there are some exceptions to this right, though. For example, it doesn't include times your provider or plan shared your information for treatment, payment or healthcare operations. (That includes the kinds of administrative tasks a provider or plan has to do to run its business.)

What if there is some information I don't want shared at all?

You can let your providers or health plan know if there is information you don't want to share. If you go to a clinic, for example, you can ask the doctor not to share your medical records with other staff there.

Or you can ask your provider not to tell your insurance company about the care you receive or the medicine you take if you pay for it in full yourself.

What if I find a mistake in my medical record?

If you find information in your records you think is wrong, you can ask that it be corrected. If you and your provider or health plan don't agree that the information is incorrect, you still have the right to have that disagreement noted in your record.

To learn more about your rights, visit the U.S. Department of Health and Human Services' privacy website.

Read more breaking news Related stories