HIPAA
HIPAA stands for the Health Insurance Portability and Accountability Act (HIPAA) and was enacted by the U.S. Congress in 1996. HIPAA has 2 main parts, one which protects health insurance coverage for workers and their families when they change or lose their job, and a second part that requires the establishment of national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers.
The most visible part is the Privacy Act which took effect in 2003. This part of HIPAA controls who has access to your medical records and billing, they call this Private Health Information (PHI). The good part is that it goes a long way to protect your privacy and limits the people that can discuss your health or your bill. Medical providers aren't always happy with it because it creates a lot of paperwork and holds them responsible for maintaining your privacy.
So now, under HIPAA, if you're in the hospital, and a friend calls to ask how you are doing, the hospital cannot give out that information without your permission. It also means that your boss can't call your doctor to see if you really were sick when you called in last week.