If you have a will, power of attorney, and health care directive, you may think you're all set with estate planning. But there's one more critical document you should consider—a HIPAA authorization form.
The Health Insurance Portability and Accountability Act (HIPAA) is a law that impacts the privacy of health care records. Including a HIPAA authorization in your estate plan ensures that everyone knows your wishes about who has access to your health care records, and who can communicate with your medical care providers.
Why you need a HIPAA authorization form
A HIPPA authorization form allows family members, friends, and loved ones to speak to medical personnel about your care, condition, and treatment. Unless you provide specific authorization for them to communicate with your doctor, your healthcare provider won't talk to them on the phone, give them any updates about you, or even take information from them if they call on your behalf.
Adults of any age should have a HIPAA authorization form in place. Unless you explicitly authorize others to communicate with your healthcare provider, they won't be able to in most situations.
HIPAA authorization vs. advance directive
A HIPAA authorization gives specific people the right to give and receive medical information about you. For example, they can call the doctor to ask about a possible side effect to a drug you're taking or to let them know you're spiking a fever. They can also receive information from your doctor about test results or stop in to pick up a triplicate prescription form. The HIPAA form also allows them to speak with the provider about billing and health insurance claims.
In contrast, an advance directive goes one step further. In addition to giving the person you select the ability to communicate about your health with your doctor, this personal representative also has the right to make medical decisions on your behalf if you are unable to do so. If you're in a coma, for example, this document gives them the authority to make decisions such as discontinuing lifesaving treatment or agreeing to surgery for you.
How to create a HIPAA authorization
The best way to create a HIPAA authorization is to work with your attorney and set one up as part of your estate plan. This one form is universally accepted at any doctor's office or hospital, meaning you do not have to fill out individual forms at each.
The document should state it is a HIPAA privacy authorization form and include your name. It should indicate that you authorize all medical providers and servicers to use and disclose protected health information from and to the person or people you name in the form as your personal representatives. The form should give a start and end date or indicate that it applies to past, present, and future dates. You can authorize all medical information, or you can create exceptions, such as for mental health records, communicable diseases (such as HIV), or alcohol or drug abuse. You can also choose when you want the document to expire. Most HIPAA authorization forms use a two-year expiration date.
Once you create the form, give copies to all of your healthcare providers as well as to the personal representatives you have named on the form. Be sure to keep the original copy for yourself and to bring a copy of it whenever you see a new provider or visit a health care facility. You should update your HIPAA authorization form whenever there's a change in your preferences or situation, such as the passing of your spouse or a new family member tending to your care.
Not having the proper forms in place can hinder the care-giving process and also make it frustrating for loved ones trying to help you. Having a HIPAA authorization form can both make the process more efficient and ensure that the people you trust have access to your medical information on your behalf.