• Individuals must be able to access their record and request correction of errors   
• Iindividuals must be informed of how their personal information will be used.
• Individuals "protected health information" (or "PHI") cannot be used for marketing purposes without the explicit consent of the involved individuals.
• Individuals can ask covered entities which maintain PHI about them to take reasonable steps to ensure that their communications with the individual are confidential. For instance, an individual can ask to be called at his or her work number, instead of home or cell phone number.
• Individuals can file formal privacy-related complaints to the Department of Health and Human Services (HHS) Office for Civil Rights.
• Covered entities must document their privacy procedures, but they have discretion on what to include in their privacy procedure.
• Covered entities must designate a privacy officer and train their employees.
• Covered entities may use an individual's information without the individual's consent for the purposes of providing treatment, obtaining payment for services and performing the non-treatment operational tasks of the provider's business.

HIPAA was designed to  protect the privacy of individuals when dealing with health care providers.  It is designed to stop unauthorized access to your personal medical information.

Download the Privacy Rule Summary [PDF]>

Office of Civil Rights-HIPAA>

How to file a compliant>

As opposed to not working with HIPAA, the ICE campaign actually piggy backs quite well onto HIPAA’s privacy provisions.  By choosing to enter ICE contacts into their phone, an individual is telling emergency personnel whom they would like contacted and at what number.