Center for Improvement in Healthcare Quality Newsletter
January 2022

CIHQ-ARS Article

Back to the Basics of HIPAA and Patient Rights

By: Ann Martin, MSN, RN, HACP
What is your role as a healthcare individual when discussing treatments and educating your patients regarding patient rights? What does the Health Insurance Portability and Accountability Act (HIPAA) say?
What can you do to protect your patient’s identity? Below are some simple basic common patient rights to remember. ONLY share information about your patient with individuals involved in the care of the patient.

Right to Privacy:

  • When having a conversation with your patient, ensure your environment is private. Close the door, curtain, or talk softly to respect their right to privacy. Talking in private with the patient or simply closing the curtain when doing your care respects the patient's right of privacy.

Right to Plan of Care:

  • Have a discussion with your patient and/or their family representative to be involved in their treatment plan and provider choice. Involve them in their healthcare decisions. Make sure they know their options and fully understand what their plan of care is and how they should participate.

Right to Refuse:

  • Your patient has the right to refuse to participate in their plan of care or treatment. Sometimes the family, spouse or guardians may represent them and have a different opinion. However, if the patient is still their own decision maker, then they can refuse treatment. If the patient refuses treatment but is deemed incompetent or unable to make the decision to refuse treatment, then the patient representative is permitted to override the patient refusal.

Right to Receive Information:

  • Your patient has the responsibility to supply a medication list of what they are currently taking. There should also be a list of past illnesses. As a healthcare provider, it is your responsibility to make a good faith effort to collect a current medication list and obtain a past medical history. This information can be obtained from the patient, pharmacy, family member or past hospital stay if applicable.

Right to Receive Education:

  • It is important to provide accurate education to your patients in a form that is accurate, easily understood and pertinent to their healthcare.

Right to be Free of Restraints:

  • The use of restraints should be a last resort when all other interventions have been tried and failed where the patient’s safety is at risk.

Right to Confidentiality:

  • Patient's healthcare information (PHI) shall be protected ALWAYS!! Confidentiality is one of the most important factors related to HIPAA regulations. Patient information should never be shared with any individual not involved in the care or that said patient.

Right to Services:

  • ALL patients have the right to emergency treatment. This means that if a patient enters an emergency department, they must be screened and stabilized without waiting for authorization and without financial penalties.
It is so important for ALL staff in your organization to be aware and have a clear understanding of the patients’ rights, including informed consent. Patient rights and HIPAA should be part of initial orientation to your facility and yearly ongoing education. Your organization should evaluate its effectiveness and provide additional education if staff struggle with its understanding.


Centers for Medicare and Medicaid Services, (2020). State Operations Manual, Appendix A – Survey Protocol, Regulations, and Interpretive Guidelines for Hospitals. Retrieved from Kaplan NCLEX-Rn, strategies, practice and review 2010-2011 edition