KimHaas.com Transcription Coaching, Blogs and Articles
December 12 2009
-
Obama’s Healthcare Proposals Addresses Some HIPAA Concerns
President Barack Obama’s US$825 billion economic plan seeks to improve security and privacy concerns over the existing Health Insurance Portability and Accountability Act (HIPAA).
The first phase involves the pumping of $20 billion by The Health Information Technology for Economic and Clinical Health Act (HITECH) bill to generate a national health record system that would essentially enhance the way health data is electronically created, accessed, stored, shared and controlled. While some health care experts commended the move due to the long-felt need of upgrading security controls, others felt that the changes could be diluted at the behest of health care lobbyists.
One of the key upgrades over HIPPA is the bill’s proposed ban on the sale of protected health information in electronic medical records and limitations on marketing such data. This is because the sale and use of personal health data by health care vendors and providers has long posed a strong risk to patient privacy. With the new proposal, patient consent before using their information would be a minimal requirement for hospitals and physicians.
Another major change mandates that all health care providers and others using health care data disclose in a timely manner any data breach involving the unauthorized acquisition, access, use or disclosure of protected patient health information. This new federal rule is similar to several state laws that require the prompt disclosure of the loss of financial data.
The HITECH bill would also hold business associates - such as billing and medical transcription services - to equal security and privacy standards as the controllers of health care data. The new bill gets rid of the many loopholes that let providers evade similar HIPAA restrictions. It also calls for seriously penalizing or imposing fines on third parties, found to be neglectful in protecting health care information.
This is quite contrary to the earlier negligent cases of HIPAA violations by the U.S. Department of Health and Human Services despite the many complaints lodged by patients. The proposed law also calls for HHS to uncompromisingly audit health care firms and their partners, and to keep audit trails of all patient transactions. The proposed law would also mandate that all patient health data be encrypted.
Although the provisions are definitely a step forward to HIPAA, it does have some limitations. For one, HITECH doesn’t allow individuals to take legal action against health care firms. The legislation would let patients file complaints against providers to HHS. If the government fines a health care firm on the basis of that complaint, the individual would receive a percentage of that amount.
Moreover, the new bill’s restrictions on who can access health care databases are unclear as there is ambiguity on the degree of the patient’s right to control of their health care data. While the new provisions would ban the outright sale of patient data without consent, in many cases it allows health care providers to continue sharing it with third-parties.
Another important concern is that health care lobbyists may have a degree of success in convincing legislators to ease the proposed security and privacy controls, especially those related to breach disclosure and a provision that would require health care providers to segment sensitive information at the request of a patient.
About the Author:
Source: www.computerworld.com
0 comments | Mom's Raves • Industry News • Changes •
Posted by Anonymous on 12/12 at 09:25 PM
Next entry: Conference Call Transcript Service - Your Modern Secretary •
Previous entry: So You Think You Will Get Rich in General Transcription