Privacy Fact Sheet

Fact sheet for protecting your health information

What health information is protected from unlawful disclosure

  • Information your doctors, nurses and other health care providers put in your medical record.
  • Conversations between your doctors and care teams about your care and treatment.
  • Information about you in your health insurer’s computer system.
  • Billing information about you at your medical clinic or hospital.
  • Any other information held by those who must follow HIPAA and the Privacy Rule.

Organizations not governed by HIPAA and the Privacy Rule

  • Life insurers
  • Employers
  • Workers compensation carriers
  • Schools and school districts
  • State Agencies like Child Protective Services
  • Law enforcement
  • Government offices

You, as a patient, have the right to:

  • Ask for and obtain a copy of your medical record. Fees may apply.
  • Have corrections made to your medical record.
  • Receive notice and give permission about how your health information may be used and/or shared.
  • Obtain notice about when and why your health information was shared for certain purposes.
  • File a complaint with your provider or health insurer if any of these rights are denied or your health information is compromised.
  • File a complaint with the U.S. Department of Health & Human Services if any of these rights are denied or your health information is compromised.

Without your written approval, health providers and health insurers cannot:

  • Share your health information with your employer.
  • Use or share your health information for marketing, media and in-house publicity, advertising or other promotional purposes, and/or fund-raising or research purposes.
  • Share private notes about your health care.

Types of security threats faced today by health care providers

  • Hacker and disgruntled employee abuse.
  • Untrained personnel mishandling.
  • Exploitation by people not have a “need to know”.
  • Unplanned power outages.
  • Burglary and theft.
  • Fire, flood and other natural disasters.

In the event a patient’s health information is compromised, Henry Ford will:

  • Notify the patient(s) within 60 days of learning about the situation.
  • Conduct a thorough investigation to determine what happened, how it happened, the number of patients affected and what patient health information was affected.
  • Set up a toll-free telephone number to answer patient questions and concerns.
  • Take correction action, which includes suspension and termination.
  • Adhere to all federal regulations as outlined in the Health Insurance Portability and Accountability Act of 1996 and Privacy Rule.
Take the next step

Let us help you schedule an appointment, call (800) 436-7936.


Cookie Consent

We use cookies to improve your web experience. By using this site, you agree to our Terms of Use. Read our Internet Privacy Statement to learn what information we collect and how we use it.

Accept All Cookies