Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » HIPAA » HIPAA Confidentiality

HIPAA Confidentiality

The HIPAA Privacy Rule sets standards for safeguarding individuals’ medical records and identifiable health information, commonly known as PHI. 

For example, discussions between doctors and patients should occur privately, and patients may prefer to be contacted on their cell phones rather than at home. Even well-meaning family members may not necessarily access a loved one’s medical information.

Ethical healthcare practices have traditionally emphasized keeping patients’ medical data confidential. HIPAA has formalized this responsibility for covered entities, including healthcare providers, health plans, healthcare clearinghouses, and business associates who transmit health information electronically.

Confidential communication

Healthcare practitioners should ensure confidential communication with patients in line with their preferences. While medical discussions should be private, practitioners can share medical information with a patient’s immediate family or close friends if related to the patient’s care payment by limiting information exchange to what’s necessary. 

Personal representatives authorized by the patient have the same access and confidentiality rights, although practitioners may restrict information if there are concerns about domestic violence, abuse, or neglect.

Certain situations may require disclosure by law, typically when a patient’s condition poses a risk to others. 

For example, infectious diseases like COVID-19, HIV, syphilis, and tuberculosis must be reported to public health agencies. Signs of abuse or neglect, including child, adult, or elder abuse, are generally reported to protective services. 

Conditions affecting a patient’s ability to drive, such as dementia or recent seizures, may need to be reported to the Department of Motor Vehicles in some states.

Additional reading

HIPAA compliance software

Best HIPAA Compliance Software in 2024

The healthcare industry has consistently been the top recipient of data breaches for the last 12 years. This fuels the necessity to implement stringent laws such as the Health Insurance Portability and Accountability Act (HIPAA). Entities that handle sensitive patient data can enforce the requirements of this law using a HIPAA compliance software.  In this…
ISO 27003

ISO 27003: Implementation Guide [Section Wise Breakdown]

The ISO 27000 family of standards is an internationally recognized set of guidelines to help organizations implement, improve, or certify their information security. ISO /IEC 27001 is the central standard on which a number of supporting standards are outlined – such as ISO 27003.  In this article, we discuss what ISO 27003 is, its importance,…

100+ Compliance Statistics You Should Know in 2024

Data security compliance is gaining momentum as one of the foundational elements of a successful business. The demand for IT security professionals, compliance officers, and data protection officers is growing, expenditure on compliance programs is increasing, and organizations are treating compliance as a key component of their overall strategy. Some compliance professionals are still finding…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.