Privacy Policy 101: What Every Website Owner Should Know

Healthcare and Privacy Policies

hipaa compliant privacy policyQ: This sounds complicated. Are there more types of private information that gets protected?

A: Yes, primarily data pertaining to a visitor’s health. In the United States, there are complex rules affecting website privacy promulgated under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH Act) of 2009. These laws and rules are particularly important to professional healthcare providers (e.g. doctors and dentists) when it comes to protecting patient privacy.

Why Transparency is Essential

Q: Okay, if I comply with all of these laws and rules, what do I have to disclose in my privacy policy? Shouldn’t compliance be enough?

A: Unfortunately, simply obeying the rules in collection isn’t sufficient. Your website’s privacy policy should be fully transparent about what is collected, how that information is used by you as the site owner, and, to the extent it is legal to do so, how the data is shared with third parties by individual visitor or in the aggregate.

Equally important for gaining visitor trust is to state what you are not doing with the information collected. For example, if you are not selling or otherwise sharing data with third parties, let visitors know that.

Related Article: 5 Business Website Disclosures And Disclaimers

5 Business Website Disclosures And Disclaimers For TransparencyQ: Why?

A: Because you want to give the visitor enough data to make an informed choice about using your site (or deciding not to use it). And for some jurisdictions, even that’s not enough.

For example, under some circumstances you may have to provide data to website visitors who are California residents if they request it pertaining to PII shared with third parties…and your privacy policy should make it easy for them to make that request…

Author Mike Young, Esq.

Internet Lawyer Mike Young provides contracts and other efficient legal solutions to business owners and C-level executives of privately held companies. To get legal advice from Mike, click here to set up your phone consultation with him.

More posts by Mike Young, Esq.