The Health Insurance Portability and Accountability Act of 1996, commonly known as HIPAA, began as a portability act to enable people to "port" their health insurance coverage as they transitioned from one job to another.
HIPAA gradually evolved to include so much more than just the convenience of interim health insurance coverage and portability.
Today, it is a complicated set of regulations, and in many cases, health care providers no longer require patient consent to use information technology to transfer the patients medical records from one location to another. The Privacy Rule, which was an amendment to the original Act, provides that the consent provisions are replaced with a new provisionthat provides regulatory permission for covered entities to use and disclose protected health information for treatment, payment, or health care operations. (Excerpt from the 2002 Amendment to the Privacy Rule.)
According to
patientprivacyrights.org, "HIPAA (initially) produced absurd results because patients were no longer asked what medical information they wanted shared and what information they wanted to be kept private. Barriers were created that patients didnt want, and access was granted to private corporations, individuals and government agencies that patients would never have agreed to.
Even more damaging, the amendments to the Privacy Rule opened the nations sensitive health records to millions of providers, employers, government agencies, insurance companies, billing firms, transcription services, pharmacy benefit managers, pharmaceutical companies, data miners, creditors and more for any routine use."
What most of us don't realize is that when we sign the HIPPA form in our medical practitioner's office, there are many things that third parties can do with our medical records, and even use it to engage in direct marketing. Far from protecting our privacy, HIPAA permits some degree of involuntary disclosure without knowledge as to who gets our information or how. This leads to troubling questions: for instance, is our medical history and information being sold to the highest bidder? Are employers using this access to screen out otherwise qualified candidates? Are your child's chances of being accepted into a particular school or university compromised by an early childhood diagnosis of ADHD or some other ailment? HIPAA does offer some protections, but many patients may be surprised to learn how many loopholes there are in HIPAA requirements.
So, where does this leave us? With the ball squarely in our court, that's where! There are ways for patients to take action and protect the privacy of their personal health records. One of these ways is to access the
Patient Privacy Toolkit, provided by the Patient Privacy Rights Foundation (PPR) located in Austin, TX. PPR is a national health privacy watchdog and a 501(c)(3) nonprofit organization dedicated to ensuring our right to control our medical privacy.
