What is HIPAA?

HIPAA is The Health Insurance Portability and Accountability Act of 1996.


Understanding HIPAA is an integral part of working in any medical setting. While HIPAA regulates virtually every aspect of the healthcare experience as a whole in America (health insurance coverage, paid/guaranteed leave, FMLA, etc.); the most relevant part of the Act for an interpreter or member of the public who frequently works with interpreters is the Privacy Rule.

According to the US Department of Health and Human Services, the Privacy Rule (also known as the Standards for Privacy of Individually Identifiable Health Information) sets national standards for the protection of health and patient information. The rule applies to anyone with access to Protected Health Information.

Protected Health Information (PHI) covers all the details that can be used to identify a patient.

In addition to the first name, last name, address, birth date, demographics, and social security number, PHI includes:

  • An individual’s past, present, or future physical or mental health or condition
  • Details about the provision of health care to the individual (appointment schedules, names of the patient’s providers, etc.)
  • The past, present, or future payment for the provision of health care, including both paid and unpaid bills

So how does HIPAA affect a Medical Interpreter’s job on a daily basis?

The goal of the Privacy Rule is to protect patient information and confidentiality.

To limit the risk of non-compliance, a medical interpreter should always avoid:

  • Discussing patient details (PHI) with anyone other than the clinical staff directly involved with the patient.
    • If the interpreter needs to disclose or discuss confidential information to one of these pre-approved individuals; the interpreter must make sure that there is no one else in the room; and the door always closed.
    • The medical facilities will have private spaces for that purpose.
  • Using a patient’s full name in unprotected e-mails or public phone calls.
    • Tip: If the Medical Interpreter is ever in doubt, we suggest using a patient’s initials or case number.
    • The case number is provided by the Project Manager.
    • Telephone calls to the Project Manager, or about patients, always in private.; but if that’s not possible, using patient initials is the next best course of action.
  • Throwing away any paper that includes PHI (for example: work orders/contracts, as they contain the patient’s name).
    • These documents should go into a secure, HIPAA compliant shredder.
    • Furthermore, interpreters should destroy these documents in front of both the provider and patient at the end of each of their interpreting session.


If an interpreter has questions about whether the information is protected by HIPAA, or if he needs to report a significant detail and is not sure that it is confidential; we recommend erring on the side of caution.

The interpreter can speak with the clinician directly responsible for the patient’s case in a private room with a closed door. No information can be discussed about any patient (s) outside of the medical appointment.

If an interpreter is concerned that he has accidentally violated HIPAA; You should contact your Interpretation Project Manager to assess the situation and determine if further action is necessary.


  1. Bibiana Borroto on May 21, 2019 at 8:30 pm

    I would like to know if a medical interpreter is allowed to use eCW as a provider and use the system to bill for interpreting services.

    • Carles Pont on May 23, 2019 at 7:49 am

      Thank you for your inquiry Bibiana. It is up to the provider and interpreter, and the nature of their business relationship as to whether the provider wanted to issue access to their EHR software for billing purposes. Access to any patient information would obviously have to be carefully protected using both technological and contractual safeguards. From our point of view, as an agency, our billing process is flexible and can accommodate submitting bills via a client’s online platform as long as the proper safeguards are in place. We would review this on a case by case basis.

Leave a Comment