These rules are the first comprehensive federal protections for health privacy. The laws will prohibit disclosure, without patient permission, of most health information and holds violators of these boundaries accountable.

"Congress has passed other laws to protect consumers' personal information contained in bank, credit card, other financial records, and even video rentals," the rule states as published in the Federal Register. "These health privacy protections are intended to provide consumers with similar assurance."

The new privacy rules are one of several rules passed under the Health Insurance Portability and Accountability Act of 1996. After much debate and many revisions, the rules are being implemented. Some of the rules refer to how information is transferred and coding used in that information. But as the federal government dictates the way health information is used, it also is implementing what privacy should be given to information.

Some changes will be invisible to the patient, but others, such as what information is released to other people, will be more apparent. Patients can expect to sign a form declining or accepting to make their information available to others such as family, friends and even media. Overall, the decision over what information is available to whom is determined by the patient.

For example, if, during hospital visits patients opt out of having all their information available, at some centers the patients' names will not appear on the list available to staff or patients there. This means media inquiries, flower deliveries or other inquiries, besides those made to care for the patient, are not answered. However, even inquiries or use of information that pertain to patient care will change. New safeguards are in place to protect information being transmitted between a physician and an insurer to ensure the patient's identity and other personal information are only seen by the those who are necessary to administer services. Even a discussion of a patient's condition in a hallway among two doctors is a matter for privacy concerns.

Implementing these rules has been a difficult and expensive task for the health plan and health care providers and related entities that must comply with them. Some companies such as Blue Cross and Blue Shield must change standing agreements with customers to meet the requirements or face large fines or possible jail time. For example, many of Blue Cross' members older than 65 have verbally requested that family members be able to manage their health care insurance issues, but the new guidelines require written approval.

Other organizations such as hospitals must now limit how and when they give information about a patient's condition.

The burden falls on doctors, hospital, health plan providers and others who handle this information to alert patients and consumers in plain language of their rights and their choices.