Skip to main content
Contact Us 800.227.2345 Cancer Help Sign Up For Email
Give In Honor & Memorial

Financial and Insurance Matters

Back
Download Section as PDF

HIPAA (The Health Insurance Portability and Accountability Act of 1996)

On this page
[show] [hide]

Disclaimer: The American Cancer Society does not offer legal advice. This information is intended to provide general background in this area of the law.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a law that was created to protect millions of working Americans and their family members with medical problems. These people often had trouble getting health insurance because of a medical problem they had before they tried to buy health insurance (called a pre-existing condition). In fact, before the important protections of the health care law known as the Affordable Care Act took effect, many people with serious health problems couldn’t get health insurance.

How the Affordable Care Act affects HIPAA

Here's how the Affordable Care Act (ACA) helps to get coverage for pre-existing conditions.

  • Employer-based plans and individual health plans cannot deny coverage to people with pre-existing conditions.
  • People under individual health plans that existed before September 23, 2010 – known as grandfathered plans, are allowed to use pre-existing condition exclusions. Plans issued or renewed on or after September 23, 2010 must follow the ACA rules.

How HIPAA helps people with cancer

The following information applies to grandfathered plans that existed before September 23, 2010 and were not purchased through the Marketplace. Check with your employer to find out your health care plan’s start date, to learn if it’s grandfathered. If it isn’t, this section does not apply to you.

HIPAA includes several parts that may help people with cancer who are under older grandfathered individual health plans.

  • It limits what’s considered a pre-existing condition. An employer health plan can exclude a medical condition from coverage only if the person had a gap in coverage longer than 63 days, and also had or was recommended to have treatment or medical advice in the 6 months before enrolling in the plan.
  • It limits the time a new employer plan can exclude the pre-existing condition from being covered. An employer health plan can avoid covering costs of medical care for a pre-existing condition for no more than 12 months after the person is accepted into the plan.
  • It gives certain people the right to buy individual health insurance if no group health plan coverage is available, and the person has exhausted COBRA or other continuation coverage. (For more information, see COBRA.) Certain conditions and time limits must be met.
  • It does not allow employers or their health insurers to discriminate or act unfairly against employees and their dependents based on their health status or genetic information.
  • It guarantees certain people the ability to get or renew individual health insurance coverage.

HIPAA also protects privacy and gives you more access to your medical records.

In 2002, the HIPAA laws were expanded to give patients greater access to their own medical records. The expanded law also gave patients more control over how their personally identifiable health information is used. In general, health information may not be shared without the patient's written permission. The law requires health care providers and health insurance plans to protect the privacy of patient health information, too. Medical records must be kept under lock and key and are available only on a need-to-know basis.

What does HIPAA not do?

Even though HIPAA offers protections and makes it easier to switch jobs without fear of losing health coverage for a pre-existing condition, the law has limits. For instance, HIPAA:

  • Does not require employers to offer health coverage, though the new health care law will require some to offer it
  • Does not require employers that offer coverage for employees to also cover their families or dependents
  • Does not guarantee that you can afford the health coverage your employer offers
  • Does not keep an employer from imposing a pre-existing condition exclusion period if you have been treated for a condition during the past 6 months and have had an interruption in your coverage (group plans can’t do this after January 1, 2014)
  • Does not replace your state as the main regulator of insurance where you live

Even so, HIPAA has generally made it much easier to switch health plans or change jobs without losing coverage if you have a health problem.

The American Cancer Society medical and editorial content team

Our team is made up of doctors and oncology certified nurses with deep knowledge of cancer care as well as journalists, editors, and translators with extensive experience in medical writing.

Centers for Medicare and Medicaid Services (CMS). Keeping the health plan you have: The Affordable Care Act and grandfathered health plans. Accessed at https://www.cms.gov/CCIIO/Resources/Fact-Sheets-and-FAQs/keeping-the-health-plan-you-have-grandfathered.html on May 13, 2019.

HealthCare.gov. Grandfathered health insurance plans. Accessed at https://www.healthcare.gov/health-care-law-protections/grandfathered-plans/ on May 13, 2019. 

US Department of Health and Human Services. Health information privacy. Accessed at https://www.hhs.gov/hipaa/index.html on May 13, 2019.

US Department of Health and Human Services. Summary of the HIPAA security rule. Accessed at https://www.hhs.gov/hipaa/for-professionals/security/laws-regulations/index.html on May 13, 2019. 

Last Revised: May 13, 2019

American Cancer Society medical information is copyrighted material. For reprint requests, please see our Content Usage Policy.

Help us end cancer as we know it, for everyone.