Law and Ethics in Medicine


The right to life envelops all the jurisprudential aspects of law and enforcement. The ethical parameters in the right to life are an everyday interaction in any given place, public situation, and personal circumstances. The state protects and preserves the same parlance in a way the government creates and establishes its policies, and as well in the legislative formulation. Therefore, the right to life is a universal declaration that is fundamental in every law of the land.

In the preservation and protection of the right to life, the medical profession has a critical role in promoting the highest ethical standards in treatment. It does not only encompass the medical doctor’s pledge of allegiance to Hippocratic Oath but also the moral act, social responsibility, and promotions of prevailing laws and ethics in medicine. Thus, a state policy abides to the circumstance between doctor and patient relationship, in which the latter seeks to revive life.

The rationale of law and ethics in medicine has been implied as a “dutiful profession”, and the violation is a “vicarious liability” that needs the application of law and interacting standard care (Wilson, 2007). This rationale may point out on the dependability of patients in medical treatment and healthcare that carry out the government’s fiscal and legal management relating to welfare and services. The federal law in health and medical care provides selective (yet limited) protections in the aspects of medicine purchasing, health insurance and medical malpractice.

This paper aims to briefly discuss the importance of Health Insurance Portability and Accountability Act (HIPAA) relating to law and ethics in medicine.

What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 were previously known as the “Kennedy-Kassebaum legislation”, as it was legislated to provide health and medical insurance coverage to workers. However, the HIPAA has become a comprehensive policy in providing health and medical insurance coverage under US Public Law 104-191 with the following provisions: (1) Improved efficiency in healthcare delivery by standardizing electronic data interchange, and (2) Protection of confidentiality and security of health data through setting and enforcing standards (HIPAA Primer, 2005).

In other words, HIPAA is created for improving the retention of employee’s benefits (upon transfer of employment) and tenure, applicability, and entitlement to healthcare insurance. Likewise, HIPAA is commissioned to regulate the healthcare business as a growing industry that could be susceptible to fraud, misuse and abuse. In sum, HIPAA enacts in protecting the beneficiaries while administering the functions of healthcare insurance system to ensure HIPAA compliance.

HIPAA privacy policy

According to HIPAA Primer, healthcare beneficiaries are not prohibited to access their medical records. In fact, the HIPAA stipulates the protection of privacy in safekeeping of records, which is exemplified by the attending physician’s safekeeping of patient’s information relating to health history and diagnosis, to name a few. As provided by HIPAA, the patient is entitled to be furnished by the doctor with a copy of the records without charge.

On the other hand, the healthcare insurance firm shall keep a copy of the record provided non-disclosure to other parties. Otherwise, the patient (being a client of a healthcare insurance firm) shall provide an authorization letter to the healthcare insurance firm to access the record. However, the restriction of “accessing” the patient’s record may be cancelled by a given circumstance, such as (1) legal claim to settle payment from healthcare insurance firm for the medical services rendered to an insured patient, and (2) a medical condition or diseases that are proven highly infectious and threatening to health of the population.

Circumstances to access Personal Health Information (PHI)

According to HIPAA Privacy Rule, the access to Personal Health Information (PHI) must establish “class entities with reasonable certainty”, meaning, the determination of access to PHI must be consistent to the prevailing and probable circumstances.

To cite an explanation, the circumstances are covered by Section 164.152 stipulating the specified “ 12 general requirements for authorization’s uses and disclosures”, such as: (1) Required by law; (2) Public Health Activities; (3) Victims of Abuse, Neglect or Domestic Violence; (4) Health Oversight Activities; (5) Judicial and Administrative Proceedings; (6) Law Enforcement Purposes; (7) Decedents; (8) Cadaveric Organ, Eye, or Tissue Donation; (9) Research; (10) Serious Threat to Health or Safety; (11) Essential Government Functions; and (12) Workers Compensation (WEDI-SNIP, 2002).

Requirements for privacy policy

The requirements for privacy policy are provided by HIPAA Privacy Practices Notice. Briefly to quote the provision, “each covered entity, with certain exceptions, must provide a notice of its privacy practices”.

To cite the provisions, the privacy rule requires “notice that contain certain elements”, such as (1) must describe the ways in which the covered entity may use and disclose protected health information, (2) must state the covered entity’s duties to protect privacy, provide a notice of privacy practices, and abide by the terms of the current notice, (3) must describe individuals’ rights, including the right to complain to US Department of Health and Human Services (USDHHS) and to the covered entity upon doubts or beliefs on violations to privacy rights, (4) must include contact information upon filing of complaints to the covered entity, and (5) the “covered entities” must act in accordance with their notices (USDHHS, 2003)

Compliance to privacy policy

This section concerns the employees in the medical office regarding privacy policy requirement, responsibility and penalty. The coverage is an explanatory note in the “pre-disposed” complementation of training to medical personnel, as to whether employment- rendered or “self-rendering” of conscious compliance to HIPAA privacy policy.

The privacy policy may be self-explanatory and “self-training” on the proper compliance, as otherwise to be dealt with legal liability and federal penalty. To cite, the federal court may impose a fine of Five Thousand US Dollars ($5,000.00) as provided by the Privacy Act of 1974 (5 U.S.C. 552a), in which the HIPAA provides the general coverage of criminal and administrative penalty (US-PAO).

In which case, HIPAA under the Privacy Act of 1974 compels the medical employees or personnel to comply through a conscious effort to review the HIPAA Primer, discuss with employers and inquire further clarifications on the rules and policies from available offices or web sites of the US Department of Health and Human Services.


The law and ethics in medicine is essential in pursuance of the right to life. The HIPAA extensively secures the individual rights of employees to sustain their healthcare benefits in workplaces. The “portability” that HIPAA ensures the welfare to health addresses the “responsibility” or obligation of the health service insurer.

In conclusion, the HIPAA aims to empower the law and ethics in medical and healthcare servicing, in which the beneficiaries are perceived to be vulnerable to flaws in availing the basic healthcare services, as the healthcare program grows into potential industry. The regulatory commissioning of the health insurance system remains a challenge to law enforcement, and possesses the critical role of medical practitioners in rendering the ethical standards, efficient and quality services to patient and social response to the industry.

Thus, the law and ethics in medicine must continuously provide the significant requirement of the right to life by promoting and providing the right to health of the population.


HIPAA Primer (2005). ‘Health Insurance Portability and Accountability Act of 1996’.

Retrieved 03 July 2008 from

WEDI- (SNIP) Strategic National Implementation Process (2002). ‘Privacy Policies and

Procedures: A Resource Document’. Retrieved 03 July 2008 from

Wilson, M. (2007). ‘Study Guide: Law and Ethics in Medicine’. Retrieved 03 2008.

US Department of Health and Human Services (2003). ‘Summary of the HIPAA Privacy

Rule’. Retrieved 03 July 2008 from

US Privacy Act Office (2008). ‘Privacy Act of 1974: Imposition of Penalty’. Retrieved 03 July 2008 from PrivacyAct/index.cfm?module=pao_gen_qa.