Which law protects sensitive information collected by healthcare providers about their clients?

• A. Family Educational Rights and Privacy Act
• B. Health Insurance Portability and Accountability Act
• C. Children's Online Privacy Protection Act
• D. Mandated reporters

Answer: (B)

Protecting sensitive health information collected by healthcare providers is governed by HIPAA. This law sets national standards for how health information (PHI) can be used and disclosed, and it requires safeguards to protect its privacy and security. It gives patients rights over their information and limits who can access it, with specific rules for what can be shared without patient consent. The Security Rule adds technical and administrative protections for electronic PHI, while the Privacy Rule governs permissible disclosures and the concept of “minimum necessary” information. Breach notification requirements also help ensure patients are informed if their data is exposed.

The other options address different privacy domains. The Family Educational Rights and Privacy Act focuses on student records in education, not general health information. The Children's Online Privacy Protection Act protects personal data collected from children online, not the records kept by healthcare providers. Mandated reporters are about legal obligations to report certain situations (like abuse) and not about protecting patient health data.