Skip to content Skip to footer
Table of contents

Health insurance portability and privacy

Medical information employers can access

The Americans with Disabilities Act (ADA) governs employer access to and use of medical information. These restrictions are described in Disabilities and genetic information.

Privacy rule

The Health Insurance Portability and Accountability Act (HIPAA) privacy rule and security rule protects the use and disclosure of protected health information (PHI) by covered entities and business associates, except as authorized by the individual or as permitted or required by the privacy rule. The rule imposes different requirements on healthcare providers, group health plans and employers. Therefore, depending on whether the organization is handling health information in its capacity as a group health plan as opposed to its role as an employer or even healthcare provider, the requirements may change. Initially, there are six key must-knows:

  1. What is PHI?

  2. Who’s a covered entity?

  3. Who’s a business associate?

  4. What’s “use or disclosure?”

  5. How do I get authorization or identify a regulatory exception?

  6. What use/disclosure is permitted by the HIPAA privacy rule?



Please call us at (312) 960-9400 if this is an error or if you have any questions.

About Smith Anderson

About the authors

About the North Carolina Chamber

An introduction - features of the HR library

An Introduction — North Carolina

Background checks — North Carolina

Benefits — North Carolina

Celebrations in the workplace — North Carolina

Child labor — North Carolina

Compliance thresholds — North Carolina

Disabilities and genetic information — North Carolina

Disaster planning — North Carolina

Discipline — North Carolina

Diversity, equity and inclusion in the workplace — North Carolina

Drugs and alcohol — North Carolina

Employee handbooks — North Carolina

Equal employment opportunities — North Carolina

Family and medical leave — North Carolina

Federal contractors, affirmative action and diversity — North Carolina

Health insurance continuation coverage — North Carolina

Health insurance portability and privacy

Health insurance reform — North Carolina

Immigration — North Carolina

Independent contractors — North Carolina

Military leave — North Carolina

Noncompete agreements, trade secrets and protecting company information — North Carolina

Other types of leave — North Carolina

Pandemic outbreaks — North Carolina

Performance evaluations — North Carolina

Plant closings, mass layoffs and other reductions in force — North Carolina

Politics in the workplace — North Carolina

Posting requirements

Privacy rights — North Carolina

Public employers — North Carolina

Recordkeeping requirements

Recruiting, hiring and employee selection — North Carolina

Safety and health — North Carolina

Social media — North Carolina

Technology in HR — North Carolina

Telecommuting — North Carolina

Temporary and leased employees — North Carolina

Termination — North Carolina

Tips for documentation — North Carolina

Unemployment compensation — North Carolina

Unions — North Carolina

Wages and hours — North Carolina

Whistleblower protections and retaliation prohibitations — North Carolina

Workers’ compensation — North Carolina

Workplace harassment — North Carolina

Workplace investigations — North Carolina

Workplace violence — North Carolina