In 1996, Congress passed the Health Insurance Portability and Accountability Act (HIPPA). This federal law covers patients in Alabama, as well as all other states. It protects a person's health records, giving her control over how they're used and who can access them.
HIPAA regulates disclosure and use of an individual's health records and establishes privacy and security on those records. HIPPA also secures insurance coverage mobility if a person changes jobs. The HIPPA Privacy Rule prohibits health plans and other covered entities from disclosing any information about the patient without his consent, unless it's for payment, treatment, or operations. This federal law takes precedence over any less restrictive state legislation, but allows Alabama and other states to enact laws that provide stronger privacy protection for health records.
HIPPA applies to health plans, business associates (people who work for the entity and require access to protected health info), health care clearinghouses, and most health care providers. Examples of covered entities in Alabama are The Brewer Porch Children's Center and The Capstone Rural Health Center (both located at the University of Alabama).
HIPAA protects all health information a covered entity transmits in any way (oral, paper, or electronic), including the following: the individual's mental condition, the stipulated condition of individual's health care, or payment information given at any time for the individual's health care.