Information Management

Navigating Consent: Sharing Medical Info with Relatives

sharing medical info with relatives

Nash Riggins

Jan 18, 2024

Families can be complicated, and sometimes, medical treatment exacerbates things. That’s why some patients prefer not to discuss their medical information with relatives, and their right to do so is enshrined in law.

Under the standards set out in the Health Insurance Portability and Accountability Act (HIPAA), patients are always in charge of their medical records, and practitioners can’t share that information with relatives under most circumstances. However, it’s important to note there are a few exceptions to the rule.

Read on to find out how HIPAA protects medical information, what rights your family has to access your medical information, and in what situations someone could legally access your information against your will.


Key Takeaways

  • Under the HIPAA Privacy Rule, patients have full control over their medical information in most situations.

  • Medical practitioners are legally permitted to share your medical information with your relatives at their discretion if you cannot provide consent.

  • Patients are within their rights to expressly tell medical staff not to disclose information to family members.


Are Medical Records Confidential in the USA?

are medical records confidential in the usa

Strictly speaking: yes. Medical records are confidential in the United States, and that confidentiality even applies to your relatives in certain situations.

Protecting your medical data is enshrined in the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA was enacted in 1996, establishing a set of national standards designed to safeguard sensitive health information, which practitioners often refer to as “protected health information” (PHI). 

Dr. Thomas Pontinen, MD, LCP-C Physician, and Co-Founder of MAPS Centers For Pain Control, explains: 

“HIPAA ensures all healthcare entities in the country establish and maintain safeguards to protect the confidentiality of medical information, giving patients control over access to their medical records by needing to provide explicit authorization for their release except when it’s for treatment, payment, and healthcare operations.”

Under HIPAA, covered entities like doctors, hospitals, and insurers must follow certain confidentiality rules including:

  • Sharing only the minimum information necessary for a specific purpose.

  • Requiring written authorization from the patient for most disclosures beyond treatment, payment or healthcare operations.

  • Implementing appropriate physical, technical, and administrative safeguards to protect PHI from unauthorized access, disclosure or misuse.

Dr. Pontinen adds:

“There are also varying state laws that reinforce HIPAA by imposing extra layers of protection, on top of the ethical codes that healthcare professionals follow to ensure patient privacy, especially regarding their medical info.”


What Rights Does the Family of a Patient Have to Access Their Medical Information?

family of a patient have to access their medical information

Under the HIPAA Privacy Rule, patients have full control over their medical records unless they’re incapacitated. That means your relatives have no right to your medical records unless you choose to share them.

Ashley Murry, Chief Clinical Officer at Sana Lake Recovery Centers explains:

“Even family members can only access a patient’s medical information when the patient is incapacitated or when the patient is in a state unable to provide informed consent for the disclosure.”

Suppose you’re unable to consent to a medical provider sharing your details with relatives. In that case, a doctor might need to use their own professional discretion to decide whether the family has a right to know what’s going on.

Murry adds, 

“For instance, a physician might discuss treatment intervention with the patient in the company of a family member or friend.

In our recovery facility, most of our patients might be in a position to provide consent due to their mental health condition, allowing us to always update their family members on their health progress.”


Is It Illegal to Share Someone's Medical Information With Relatives?

Generally speaking, no. Under the HIPAA Privacy Rule, it’s illegal for someone to share your medical information with relatives unless you provide written consent.

However, there are a couple of exceptions. 

Dr. Pontinen explains:

“It’s important to keep in mind that HIPAA’s Privacy Rule balances the protection of an individual's privacy with the need to involve family members in the healthcare process, which is why healthcare providers can generally use their professional judgment to determine whether disclosing information to a family member is in your best interest as a patient.

In such cases, sharing your medical information with family members is legal, especially with your consent, but it might be considered illegal if done in situations not covered by HIPAA’s exception clauses like treatment, payment, or healthcare operations.”

There are also a couple of clauses within the HIPAA standards that permit healthcare providers to share your information with relatives in certain situations.

For example, the Treatment, Payment, and Health Care Operations clause allows healthcare providers to share relevant medical information with family members involved in the patient's care if the disclosure is necessary for treatment, payment or healthcare operations — even without the patient’s explicit authorization.

As mentioned, HIPAA’s incapacity and emergency situations clauses permit healthcare providers to disclose patients’ medical information to family members in cases where the patient cannot provide authorization due to incapacity or emergency.

What Can a Patient Do If They Don’t Want Their Medical Information Shared With Family Members?

don’t want their medical information shared

“Patients can expressly dictate to the doctors that they do not want their medical information to be shared with family members,” explains Murry.

She continues:

“I believe patients should understand that doctors and all healthcare professionals have the legal responsibility to uphold their wishes and protect their medical records at all costs. However, when it’s in the public interest, doctors are obligated to share their medical information with government and family members.”

In most situations, disclosing your medical information to a relative won’t be in the public interest. So the best way to protect your sensitive health data is to understand your rights and make your wishes known to both your doctors and relatives.

Dr. Pontinen advises:

“To ease your concerns about family members having access to your medical information when you don’t want to, practice communicating with your healthcare providers openly about your right to privacy.

I recommend expressing your preferences and restrictions on information sharing in writing to assert your rights regarding the confidentiality of your medical records.”

You also must protect data on your end to ensure that nobody accesses it without your express consent. That’s where a platform like Trustworthy can offer much-needed peace of mind.

Trustworthy is a Family Operating System® protected by AES 256-bit encryption. It enables you to seamlessly upload and create digital copies of all your important family information — including medical records, documents like your medical power of attorney, will, insurance information, and everything in between.

Trustworthy also allows you to collaborate with your family members, medical practitioners, attorney, or financial planner to grant access to certain documents. This ensures you keep everyone in the loop when it comes to your privacy wishes. You can share your medical information with the people you trust most.

Want to learn more about how Trustworthy works? Discover our range of features now.


Frequently Asked Questions

Is Sharing Someone's Medical Information Illegal?

Yes. Under the HIPAA Privacy Rule, you’re only allowed to share someone’s medical information with their express consent unless they can’t give their consent or the disclosure is in the public interest.

Does the US Government Have Access To Medical Records?

In certain cases, yes. Some government agencies like the FBI can use a national security exemption within HIPAA to ask medical providers for patient information without their authorization.

When Can Patient Information Be Shared Without Consent?

Doctors can share medical information without your consent if you’re incapacitated, unable to give consent, or the disclosure is in the public interest.

Information Management

Navigating Consent: Sharing Medical Info with Relatives

sharing medical info with relatives

Nash Riggins

Jan 18, 2024

Families can be complicated, and sometimes, medical treatment exacerbates things. That’s why some patients prefer not to discuss their medical information with relatives, and their right to do so is enshrined in law.

Under the standards set out in the Health Insurance Portability and Accountability Act (HIPAA), patients are always in charge of their medical records, and practitioners can’t share that information with relatives under most circumstances. However, it’s important to note there are a few exceptions to the rule.

Read on to find out how HIPAA protects medical information, what rights your family has to access your medical information, and in what situations someone could legally access your information against your will.


Key Takeaways

  • Under the HIPAA Privacy Rule, patients have full control over their medical information in most situations.

  • Medical practitioners are legally permitted to share your medical information with your relatives at their discretion if you cannot provide consent.

  • Patients are within their rights to expressly tell medical staff not to disclose information to family members.


Are Medical Records Confidential in the USA?

are medical records confidential in the usa

Strictly speaking: yes. Medical records are confidential in the United States, and that confidentiality even applies to your relatives in certain situations.

Protecting your medical data is enshrined in the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA was enacted in 1996, establishing a set of national standards designed to safeguard sensitive health information, which practitioners often refer to as “protected health information” (PHI). 

Dr. Thomas Pontinen, MD, LCP-C Physician, and Co-Founder of MAPS Centers For Pain Control, explains: 

“HIPAA ensures all healthcare entities in the country establish and maintain safeguards to protect the confidentiality of medical information, giving patients control over access to their medical records by needing to provide explicit authorization for their release except when it’s for treatment, payment, and healthcare operations.”

Under HIPAA, covered entities like doctors, hospitals, and insurers must follow certain confidentiality rules including:

  • Sharing only the minimum information necessary for a specific purpose.

  • Requiring written authorization from the patient for most disclosures beyond treatment, payment or healthcare operations.

  • Implementing appropriate physical, technical, and administrative safeguards to protect PHI from unauthorized access, disclosure or misuse.

Dr. Pontinen adds:

“There are also varying state laws that reinforce HIPAA by imposing extra layers of protection, on top of the ethical codes that healthcare professionals follow to ensure patient privacy, especially regarding their medical info.”


What Rights Does the Family of a Patient Have to Access Their Medical Information?

family of a patient have to access their medical information

Under the HIPAA Privacy Rule, patients have full control over their medical records unless they’re incapacitated. That means your relatives have no right to your medical records unless you choose to share them.

Ashley Murry, Chief Clinical Officer at Sana Lake Recovery Centers explains:

“Even family members can only access a patient’s medical information when the patient is incapacitated or when the patient is in a state unable to provide informed consent for the disclosure.”

Suppose you’re unable to consent to a medical provider sharing your details with relatives. In that case, a doctor might need to use their own professional discretion to decide whether the family has a right to know what’s going on.

Murry adds, 

“For instance, a physician might discuss treatment intervention with the patient in the company of a family member or friend.

In our recovery facility, most of our patients might be in a position to provide consent due to their mental health condition, allowing us to always update their family members on their health progress.”


Is It Illegal to Share Someone's Medical Information With Relatives?

Generally speaking, no. Under the HIPAA Privacy Rule, it’s illegal for someone to share your medical information with relatives unless you provide written consent.

However, there are a couple of exceptions. 

Dr. Pontinen explains:

“It’s important to keep in mind that HIPAA’s Privacy Rule balances the protection of an individual's privacy with the need to involve family members in the healthcare process, which is why healthcare providers can generally use their professional judgment to determine whether disclosing information to a family member is in your best interest as a patient.

In such cases, sharing your medical information with family members is legal, especially with your consent, but it might be considered illegal if done in situations not covered by HIPAA’s exception clauses like treatment, payment, or healthcare operations.”

There are also a couple of clauses within the HIPAA standards that permit healthcare providers to share your information with relatives in certain situations.

For example, the Treatment, Payment, and Health Care Operations clause allows healthcare providers to share relevant medical information with family members involved in the patient's care if the disclosure is necessary for treatment, payment or healthcare operations — even without the patient’s explicit authorization.

As mentioned, HIPAA’s incapacity and emergency situations clauses permit healthcare providers to disclose patients’ medical information to family members in cases where the patient cannot provide authorization due to incapacity or emergency.

What Can a Patient Do If They Don’t Want Their Medical Information Shared With Family Members?

don’t want their medical information shared

“Patients can expressly dictate to the doctors that they do not want their medical information to be shared with family members,” explains Murry.

She continues:

“I believe patients should understand that doctors and all healthcare professionals have the legal responsibility to uphold their wishes and protect their medical records at all costs. However, when it’s in the public interest, doctors are obligated to share their medical information with government and family members.”

In most situations, disclosing your medical information to a relative won’t be in the public interest. So the best way to protect your sensitive health data is to understand your rights and make your wishes known to both your doctors and relatives.

Dr. Pontinen advises:

“To ease your concerns about family members having access to your medical information when you don’t want to, practice communicating with your healthcare providers openly about your right to privacy.

I recommend expressing your preferences and restrictions on information sharing in writing to assert your rights regarding the confidentiality of your medical records.”

You also must protect data on your end to ensure that nobody accesses it without your express consent. That’s where a platform like Trustworthy can offer much-needed peace of mind.

Trustworthy is a Family Operating System® protected by AES 256-bit encryption. It enables you to seamlessly upload and create digital copies of all your important family information — including medical records, documents like your medical power of attorney, will, insurance information, and everything in between.

Trustworthy also allows you to collaborate with your family members, medical practitioners, attorney, or financial planner to grant access to certain documents. This ensures you keep everyone in the loop when it comes to your privacy wishes. You can share your medical information with the people you trust most.

Want to learn more about how Trustworthy works? Discover our range of features now.


Frequently Asked Questions

Is Sharing Someone's Medical Information Illegal?

Yes. Under the HIPAA Privacy Rule, you’re only allowed to share someone’s medical information with their express consent unless they can’t give their consent or the disclosure is in the public interest.

Does the US Government Have Access To Medical Records?

In certain cases, yes. Some government agencies like the FBI can use a national security exemption within HIPAA to ask medical providers for patient information without their authorization.

When Can Patient Information Be Shared Without Consent?

Doctors can share medical information without your consent if you’re incapacitated, unable to give consent, or the disclosure is in the public interest.

Information Management

Navigating Consent: Sharing Medical Info with Relatives

sharing medical info with relatives

Nash Riggins

Jan 18, 2024

Families can be complicated, and sometimes, medical treatment exacerbates things. That’s why some patients prefer not to discuss their medical information with relatives, and their right to do so is enshrined in law.

Under the standards set out in the Health Insurance Portability and Accountability Act (HIPAA), patients are always in charge of their medical records, and practitioners can’t share that information with relatives under most circumstances. However, it’s important to note there are a few exceptions to the rule.

Read on to find out how HIPAA protects medical information, what rights your family has to access your medical information, and in what situations someone could legally access your information against your will.


Key Takeaways

  • Under the HIPAA Privacy Rule, patients have full control over their medical information in most situations.

  • Medical practitioners are legally permitted to share your medical information with your relatives at their discretion if you cannot provide consent.

  • Patients are within their rights to expressly tell medical staff not to disclose information to family members.


Are Medical Records Confidential in the USA?

are medical records confidential in the usa

Strictly speaking: yes. Medical records are confidential in the United States, and that confidentiality even applies to your relatives in certain situations.

Protecting your medical data is enshrined in the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA was enacted in 1996, establishing a set of national standards designed to safeguard sensitive health information, which practitioners often refer to as “protected health information” (PHI). 

Dr. Thomas Pontinen, MD, LCP-C Physician, and Co-Founder of MAPS Centers For Pain Control, explains: 

“HIPAA ensures all healthcare entities in the country establish and maintain safeguards to protect the confidentiality of medical information, giving patients control over access to their medical records by needing to provide explicit authorization for their release except when it’s for treatment, payment, and healthcare operations.”

Under HIPAA, covered entities like doctors, hospitals, and insurers must follow certain confidentiality rules including:

  • Sharing only the minimum information necessary for a specific purpose.

  • Requiring written authorization from the patient for most disclosures beyond treatment, payment or healthcare operations.

  • Implementing appropriate physical, technical, and administrative safeguards to protect PHI from unauthorized access, disclosure or misuse.

Dr. Pontinen adds:

“There are also varying state laws that reinforce HIPAA by imposing extra layers of protection, on top of the ethical codes that healthcare professionals follow to ensure patient privacy, especially regarding their medical info.”


What Rights Does the Family of a Patient Have to Access Their Medical Information?

family of a patient have to access their medical information

Under the HIPAA Privacy Rule, patients have full control over their medical records unless they’re incapacitated. That means your relatives have no right to your medical records unless you choose to share them.

Ashley Murry, Chief Clinical Officer at Sana Lake Recovery Centers explains:

“Even family members can only access a patient’s medical information when the patient is incapacitated or when the patient is in a state unable to provide informed consent for the disclosure.”

Suppose you’re unable to consent to a medical provider sharing your details with relatives. In that case, a doctor might need to use their own professional discretion to decide whether the family has a right to know what’s going on.

Murry adds, 

“For instance, a physician might discuss treatment intervention with the patient in the company of a family member or friend.

In our recovery facility, most of our patients might be in a position to provide consent due to their mental health condition, allowing us to always update their family members on their health progress.”


Is It Illegal to Share Someone's Medical Information With Relatives?

Generally speaking, no. Under the HIPAA Privacy Rule, it’s illegal for someone to share your medical information with relatives unless you provide written consent.

However, there are a couple of exceptions. 

Dr. Pontinen explains:

“It’s important to keep in mind that HIPAA’s Privacy Rule balances the protection of an individual's privacy with the need to involve family members in the healthcare process, which is why healthcare providers can generally use their professional judgment to determine whether disclosing information to a family member is in your best interest as a patient.

In such cases, sharing your medical information with family members is legal, especially with your consent, but it might be considered illegal if done in situations not covered by HIPAA’s exception clauses like treatment, payment, or healthcare operations.”

There are also a couple of clauses within the HIPAA standards that permit healthcare providers to share your information with relatives in certain situations.

For example, the Treatment, Payment, and Health Care Operations clause allows healthcare providers to share relevant medical information with family members involved in the patient's care if the disclosure is necessary for treatment, payment or healthcare operations — even without the patient’s explicit authorization.

As mentioned, HIPAA’s incapacity and emergency situations clauses permit healthcare providers to disclose patients’ medical information to family members in cases where the patient cannot provide authorization due to incapacity or emergency.

What Can a Patient Do If They Don’t Want Their Medical Information Shared With Family Members?

don’t want their medical information shared

“Patients can expressly dictate to the doctors that they do not want their medical information to be shared with family members,” explains Murry.

She continues:

“I believe patients should understand that doctors and all healthcare professionals have the legal responsibility to uphold their wishes and protect their medical records at all costs. However, when it’s in the public interest, doctors are obligated to share their medical information with government and family members.”

In most situations, disclosing your medical information to a relative won’t be in the public interest. So the best way to protect your sensitive health data is to understand your rights and make your wishes known to both your doctors and relatives.

Dr. Pontinen advises:

“To ease your concerns about family members having access to your medical information when you don’t want to, practice communicating with your healthcare providers openly about your right to privacy.

I recommend expressing your preferences and restrictions on information sharing in writing to assert your rights regarding the confidentiality of your medical records.”

You also must protect data on your end to ensure that nobody accesses it without your express consent. That’s where a platform like Trustworthy can offer much-needed peace of mind.

Trustworthy is a Family Operating System® protected by AES 256-bit encryption. It enables you to seamlessly upload and create digital copies of all your important family information — including medical records, documents like your medical power of attorney, will, insurance information, and everything in between.

Trustworthy also allows you to collaborate with your family members, medical practitioners, attorney, or financial planner to grant access to certain documents. This ensures you keep everyone in the loop when it comes to your privacy wishes. You can share your medical information with the people you trust most.

Want to learn more about how Trustworthy works? Discover our range of features now.


Frequently Asked Questions

Is Sharing Someone's Medical Information Illegal?

Yes. Under the HIPAA Privacy Rule, you’re only allowed to share someone’s medical information with their express consent unless they can’t give their consent or the disclosure is in the public interest.

Does the US Government Have Access To Medical Records?

In certain cases, yes. Some government agencies like the FBI can use a national security exemption within HIPAA to ask medical providers for patient information without their authorization.

When Can Patient Information Be Shared Without Consent?

Doctors can share medical information without your consent if you’re incapacitated, unable to give consent, or the disclosure is in the public interest.

Try Trustworthy today.

Try the Family Operating System® for yourself. You (and your family) will love it.

No credit card required.

Try Trustworthy today.

Try the Family Operating System® for yourself. You (and your family) will love it.

No credit card required.

Try Trustworthy today.

Try the Family Operating System® for yourself. You (and your family) will love it.

No credit card required.

Related Articles

what is a family operating system
what is a family operating system
what is a family operating system

Feb 9, 2024

What Is a Family Operating System? And Why Do You Need One?

critical role of information sharing in healthcare
critical role of information sharing in healthcare
critical role of information sharing in healthcare

Feb 2, 2024

The Critical Role of Information Sharing in Healthcare

sharing medical info with relatives
sharing medical info with relatives
sharing medical info with relatives

Jan 18, 2024

Navigating Consent: Sharing Medical Info with Relatives

hipaa uncovered
hipaa uncovered
hipaa uncovered

Jan 12, 2024

HIPAA Uncovered: What Information Is Shareable?

ferpa violations
ferpa violations
ferpa violations

Jan 11, 2024

FERPA Violations: Examples to Avoid in Education

decoding hipaa
decoding hipaa
decoding hipaa

Jan 10, 2024

Decoding HIPAA: What Information Can Be Shared Legally?

patient information doctor can share
patient information doctor can share
patient information doctor can share

Jan 5, 2024

Doctors & Family: What Patient Information Can They Share?

how to disable 2fa
how to disable 2fa
how to disable 2fa

Jan 2, 2024

How To Disable 2FA

how to share documents on goodnotes
how to share documents on goodnotes
how to share documents on goodnotes

Dec 26, 2023

How to Share Documents on Goodnotes

how to share documents in google docs
how to share documents in google docs
how to share documents in google docs

Dec 18, 2023

How To Share Documents in Google Docs

how to share documents on dropbox
how to share documents on dropbox
how to share documents on dropbox

Dec 13, 2023

How to Share Documents on Dropbox

share documents on teams
share documents on teams
share documents on teams

Dec 12, 2023

How To Share Documents on Teams

what is the most secure file transfer protocol
what is the most secure file transfer protocol
what is the most secure file transfer protocol

Dec 12, 2023

What is the Most Secure File Transfer Protocol?

how to use sharepoint for document control
how to use sharepoint for document control
how to use sharepoint for document control

Dec 9, 2023

How To Use SharePoint for Document Control

documents that have social security numbers
documents that have social security numbers
documents that have social security numbers

Dec 8, 2023

What Documents Have Social Security Numbers on Them?

how to disable the open file security warning
how to disable the open file security warning
how to disable the open file security warning

Dec 8, 2023

How to Disable the Open File Security Warning

shared documents in quickbooks online
shared documents in quickbooks online
shared documents in quickbooks online

Dec 7, 2023

How To View Shared Documents In Quickbooks Online

how to lock a file on sharepoint
how to lock a file on sharepoint
how to lock a file on sharepoint

Dec 4, 2023

How to Lock a File on SharePoint

what is document control
what is document control
what is document control

Dec 4, 2023

What is Document Control?

how to share confidential documents online
how to share confidential documents online
how to share confidential documents online

Dec 2, 2023

How To Share Confidential Documents Online

what does a document control specialist do
what does a document control specialist do
what does a document control specialist do

Nov 30, 2023

What Does a Document Control Specialist Do?

Guy on airplane
Guy on airplane
Guy on airplane

Jun 12, 2023

The Essential International Travel Checklist for Your Next Trip

Shredded documents
Shredded documents
Shredded documents

Mar 21, 2023

How to safely destroy sensitive documents

Feb 8, 2023

Is It Safe To Send Credit Card Info By Text? (5 Safety Tips)

Feb 1, 2023

Is It Safe To Send Credit Card Info By Email? (5 Safety Tips)

Person looking at credit card at computer
Person looking at credit card at computer
Person looking at credit card at computer

Feb 1, 2023

Is It Safe To Text Social Security Number? (5 Safety Tips)

Person typing on computer
Person typing on computer
Person typing on computer

Feb 1, 2023

Is It Safe To Email Social Security Number? (5 Safety Tips)

Feb 1, 2023

Is It Safe To Save & Send Credit Card Info Through Google Drive?

Is it safe to put sensitive files in Google Drive?
Is it safe to put sensitive files in Google Drive?
Is it safe to put sensitive files in Google Drive?

Feb 1, 2023

Is It Safe To Put Sensitive Files In Google Drive? (7 Tips)

Feb 1, 2023

Is It Safe To Share Google Drive Link? (Yes, Here's How)

Person Typing
Person Typing
Person Typing

Feb 1, 2023

Is It Safe To Store Tax Documents On Google Drive? (5 Tips)

Feb 1, 2023

Is It Safe To Send Credit Card Info By WhatsApp?

Friends hanging out
Friends hanging out
Friends hanging out

Jan 24, 2023

Trustworthy guide: Organize Your Digital Space for 2023

Jan 18, 2023

Which Documents Should We Keep a Paper Copy of? Which Documents Can We Scan and Recycle?

Mar 2, 2022

What To Look for in a Legal Document Management System

Woman working
Woman working
Woman working

Mar 1, 2022

How to securely manage your legal documents

Two friends with masks
Two friends with masks
Two friends with masks

Mar 1, 2022

Does my state have a digital vaccine card?

Mom and daughter looking at computer
Mom and daughter looking at computer
Mom and daughter looking at computer

Mar 1, 2022

10 ways to win at Trustworthy and organize your life