Do Health Insurance Companies Have Access to Medical Records?

Should I buy life insurance for my children?

Rachael Brennan has been working in the insurance industry since 2006 when she began working as a licensed insurance representative for 21st Century Insurance, during which time she earned her Property and Casualty license in all 50 states.
After several years she expanded her insurance expertise, earning her license in Health and AD&D insurance as well. She has worked for small health in…

Full Bio →

Written by

Benjamin Carr was a licensed insurance agent in Georgia and has two years’ experience in life, health, property and casualty coverage. He has worked with State Farm and other risk management firms. He is also a strategic writer and editor with a background in branding, marketing, and quality assurance. He has been in military newsrooms — literally on the frontline of journalism.

Full Bio →

Reviewed by



Benji Carr


Former Licensed Life Insurance Agent


UPDATED: Jan 3, 2022

Advertiser Disclosure

It’s all about you. We want to help you make the right life insurance coverage choices.

Advertiser Disclosure: We strive to help you make confident life insurance decisions. Comparison shopping should be easy. We are not affiliated with any one life insurance company and cannot guarantee quotes from any single company.

Our life insurance industry partnerships don’t influence our content. Our opinions are our own. To compare quotes from many different life insurance companies please enter your ZIP code above to use the free quote tool. The more quotes you compare, the more chances to save.

Editorial Guidelines: We are a free online resource for anyone interested in learning more about life insurance. Our goal is to be an objective, third-party resource for everything life insurance-related. We update our site regularly, and all content is reviewed by life insurance experts.

Quick Facts

Health insurance companies have access to medical records to verify eligibility
Your insurer also has access to records necessary to authorize payment
Certain databases track some medical information on everyone

It seems like there are new stories about data breaches every week — from credit card companies to hospital systems, no organization is invulnerable. 

And besides breaches and hacks, there’s the concern that your information is legally accessible without your knowledge or explicit permission. What do your employer, doctor, and insurance provider know about you?

For instance, how much of your medical information does your health insurance company have access to?

Is it just your basic demographic information, or the details of every blood test, weigh-in, and check-up? Keep reading to learn more about your medical records, health insurance, and your rights under HIPAA.

If you want to find another health insurer or just want to find the best health insurance rates, you can enter your ZIP code to compare health insurance rates now.

What Information Does Your Health Insurance Company Have Access To?

First things first:  your health insurance company has access to some parts of your medical records, but only those which are necessary for it to do its job. 

See also  10 Simple Ways to Ask for Business

Most of the information your insurance company can view relates to payment processing and eligibility. 

Let’s look at some of the information your insurance company needs access to.

Healthcare Eligibility

When you apply for health or life insurance, the insurance company may request some information to determine your eligibility for coverage in accordance with your life insurance underwriting guidelines. 

However, this does not extend to your entire medical history.

Typically, insurance companies belong to the Medical Information Bureau or the MIB. This is where they’ll go to get medical record information about you.

The information about you in the MIB database is not extensive and doesn’t contain detailed reports about any medical exam, lab tests, x-rays, or any other specific personal information. Instead, it keeps track via codes that refer to broad categories of any medical condition. Insurance companies use these codes to determine if they need further information about an applicant before insuring them.

Three important things to know about MIB reports include:

You can request a copy of your MIB report to see the same information insurance companies see. 
Your doctor cannot send information about you to the MIB without your written authorization.
Information stays on file with the MIB for seven years. 

The information the MIB has is for underwriting purposes and is meant to protect insurance companies from inaccurate insurance applications. 

Information to Authorize Payment

Once you have insurance, your healthcare and pharmacy providers begin a regular line of communication with your insurer via billing.

Your insurance company needs to know what they’re processing payments for. Therefore, providers and their billing departments will share information relating to:

Test results – If a medical test reveals that you have a condition that requires follow-up and treatment, your insurance company will need to know about it so that they can authorize payment on the treatments. They’ll also need to know if your doctor requests testing or lab work for you. 
Treatment plans – While every detail of your treatment plan isn’t needed, your insurance company will be informed of procedures, tests, and other elements of care that they’ll be billed for and required to make a payment on. 
Medical history – While your insurance company cannot request your entire medical history, they will need to know information related to the history of symptoms, treatments, and testing for a procedure you need or elect to have done. The insurer will need to see a demonstrated need for the procedure to authorize payment for it. It’s important to note, though, that they only need information demonstrating a medical need for a procedure — that doesn’t mean they’ll have access to every aspect of your condition or situation. 

See also  5 Questions Bob Doll Is Asking About Today's Markets

Your life insurance quotes are always free.

 Secured with SHA-256 Encryption

What Rights Do You Have to Protect Your Health Information?

You have the right to protect your health information to the fullest extent possible.

That being said, there are times when it’s necessary to share some information with providers and insurers so that you can receive treatment and your insurance company can make payments on your behalf.

You’ve probably heard of HIPAA, but in case you’re not entirely familiar with the protections it offers, we’ll review them.

What is HIPAA?

The Health Insurance Portability and Accountability Act, or HIPAA, protects you by preventing the disclosure of your medical information without your knowledge and consent. There are two parts to HIPAA: the privacy rule and the security rule. Let’s look at a quick summary of what each of these covers:

The privacy rule – This sets standards for using and disclosing your health information. It also ensures that you have access to your information and are clearly told how your information is used. The goal of the privacy rule is to make it possible for you to receive the best possible care while maintaining your right to privacy. It does allow for the sharing of the necessary information with or without your permission for treatment, payment, and care. However, only the information that is necessary can be disclosed.
The security rule – This rule applies to the entities that have your protected health information. It states that the information must be kept secure at all times. Any form of breach must be disclosed to you.

How Do HIPAA Laws Apply to Specific Entities?

Now that you have a basic understanding of HIPAA works, let’s take a closer look at how the laws apply to specific entities.

You and Your Family

You have the right to request a copy of your medical records and, by law, your doctor must provide it to you within 30 days. The doctor’s office can charge a small fee for copying or mailing the records, but that’s all. 

In some cases, you might choose to give a family member access to your medical records. How do you know if you’ve already done this? You would have asked to sign a release form allowing specific members of your family to also access your records. Otherwise, your doctor can’t share this information with them.

Sometimes, your doctor will ask if it’s acceptable to leave a message or speak with someone else in your household if you’re not available. You would sign an authorization form for this as well. 

Your Doctors

Your doctor will see the health information you provide on the forms you fill out when you go to their office. They can also ask you questions about your health for the purpose of treating you. If you need to see a specialist or another provider, your doctor will have you sign an authorization allowing them to share your information with the other doctor as well.

See also  UBS Names Wealth Co-Heads in Management Shakeup

Your Insurance Company

As we’ve discussed, your insurance company can request information about your health records for the purpose of payment authorization. If you deny them access to the records they need, they may decline authorization of payments to your providers and you’ll be stuck with the bill.

Medical Information Bureau

The MIB can request information about you and, with your authorization, store it for the use of insurance companies. Your doctor cannot send this information without your signed permission.

Prescription Databases

The rules regarding prescription databases and HIPAA put those seeking insurance in a tight place.

There are two large companies, Milliman and Ingenix, that buy prescription information data. They compile it into reports that they then sell to insurance companies. You do have to give authorization for your prescription information to be provided to these companies but, unfortunately, it’s very difficult to get health insurance if you don’t agree to share your information with them.

As you can guess, the information insurers receive can be used to make estimates and guesses about your health. For example, if you regularly take two medications to control two separate issues, the insurance company can determine that you’re likely to be a more costly person to insure. They will then charge you more for your premium than they would if you were not taking two prescription medications.

Balancing Privacy and Necessity

As you can see, there are many elements involved in HIPAA and the authorization of your medical records. Ultimately, HIPAA was created to keep you and your information safe. 

Nonetheless, it gets tricky to balance your information security, your privacy, and what your insurance company needs to know to make payments to your providers.

Keep Your Information Safe

All of this may leave you wondering — how do you keep your information safe while still getting the healthcare and insurance you need?

Unfortunately, sharing some of your information is a necessary step in obtaining health insurance. However, you can mitigate the risk to you and the possibility of higher premiums by keeping an eye on your information. 

Some of our top tips for doing so include:

Obtaining copies of your medical records regularly
Checking your records for errors and requesting changes if you find any mistakes
Carefully reading any authorization forms related to the release of your medical information.

Your life insurance quotes are always free.

 Secured with SHA-256 Encryption

Find the Best Health Insurance for Your Needs

We know how tough it can be to find the right health insurance company. There are countless options out there and you need one that gives you a good rate, excellent coverage, and a sense of security that your information is safe. 

We help you compare plans and rates with our free, easy-to-use tool. This enables you to make the best decision for your health and your family. Get started today with our free search tool and start saving on your healthcare.