|
|
ARE YOU “HIP” WITH HIPAA?
By Becky Knauer
Ignorance is no longer bliss.
To the dismay of the health care industry, the recent privacy rules, in effect as of April 14, 2003, require patients to supply permission to hospitals, doctor’s offices and pharmacies in order for their records to be disclosed. For the first time, a federal law, rather than a patchwork of state regulations will protect the confidentiality of medical files. This consent requirement not only creates excessive amounts of paperwork for patient and staff alike, but could also cause a substantial (and possibly critical) delay in health care and treatment.
New York State Medical Laboratory Technologist, Danielle Dynysiuk considers the new privacy rules an unnecessary extreme to previously instated hospital regulations.
“Hospitals already had patient confidentiality rules and it is pretty much common sense not to talk about a patient and his records,” Dynysiuk said. “I think there should be stricter penalties for those who violate the rules instead.”
According to the Washington Post, Melinda Hatton, vice president of the American Hospital Association said that the chief complaints are that the rules are onerous, expensive and unnecessary.
“I'd say fear and loathing is a pretty good description,” Hatton said. “HIPAA affects almost every aspect of a hospital's operation. I think the public has no idea how complicated and burdensome these rules are.”
Similar to Dynysiuk’s views, rheumatologist John Lawson, president of the Medical Society of the District of Columbia told the Washington Post that these new medical rules are not only an intrusion of the federal government into the medical field, but also an exaggerated version of already strict policies.
“Doctors have never handed out patients' records blindly on the street," Lawson said. “This is just another unfunded mandate that creates a whole new bureaucracy to reinforce something that is generally being done already.”
There does exist an upside to these regulations, however. By instituting these new rules, the government is trying to take an initiative to strengthen and protect an individual’s rights. As mentioned on the United States Department of Health and Human Services (HHS) website, the regulations are an attempt to provide the utmost of privacy to patients in terms of their personal medical records.“The new privacy regulations ensure a national floor of privacy protections for patients by limiting the ways that health plans, pharmacies, hospitals and other covered entities can use patients' personal medical information,” the website said.
Against many opponents’ beliefs, patients are not completely suffocated under these rules. The HHS website also included patients’ rights while regulated under the new standards. (See sidebar)
Medical consumer advocates believe these new regulations are a pleasant change to the previously mild procedures. Carrie Wiederholtz, an Old Tappan, NJ resident, was recently admitted to the Pascack Valley Hospital in Westwood, NJ for an illness and was pleasantly surprised by the strictness of the hospital staff regarding her privacy.
“Having recently been at the hospital, I am happy to know that my records are private,” Wiederholtz said. “Although my illness wasn’t something serious or significantly personal, I felt better knowing that I had the right to withhold my records from those that I feel have no right viewing my personal medical history.”With a failure to adhere to these new medical privacy regulations, comes a harsh penalty. The Washington Post reported that those disclosures that are intentional are punishable by a $50,000 fine and a year in prison. It also included that violators with intent to sell the information face criminal and civil penalties that can equate to as much as $250,000 in fines as well as an additional 10 years of jail time.
As a laboratory technologist, Dynysiuk said she has been extensively trained to work within these new privacy laws and has recognized that while it is burdensome, it is, for the most part, to safeguard patients. Being a hospital employee, however, she said she feels she should be allowed to view a patient’s medical records for her own safety.
“Hospitals should have their own strict policies for the benefit and safety of their health,” Dynysiuk said. “As a lab technologist I feel I have the right to know so I can protect myself.”
The Health Insurance Portability and Accountability Act (HIPAA), originally named the Kennedy-Kassebaum bill after its sponsors, was passed in 1996. The goals of this legislation were to standardize healthcare so as to make it more efficient, protect a patient’s privacy from the openness of the Internet as well as to relieve people’s fear that a new insurer would not cover a preexisting condition.
There was one stipulation to this bill; if privacy standards were not adopted within three years, the White House would take on this responsibility. In 1999, both the House and the Senate failed to do so, therefore putting it into the hands of the Clinton Administration.
Less than a month before the close of his term in December of 2000, Clinton instated rules that required patients’ written consent before any information was disclosed to health care providers.
President George Bush was faced with strong opposition to this when he stepped into office. His decision was to not do away with the privacy rules, but instead revise them. In August of 2002, HHS issued the final HIPAA rules; requirement for a patient’s consent to disclose personal information was replaced by an exemption for information used for operations, payment of healthcare or treatment. Doctors and pharmacies are also prohibited from selling a patient’s name to drug companies as a means of marketing.
Take the time to get to know your rights:·
- Access To Medical Records. Patients generally should be able to see and obtain copies of their medical records and request corrections if they identify errors and mistakes.
- Notice of Privacy Practices. Covered health plans, doctors and other health care providers must provide a notice to their patients how they may use personal medical information and their rights under the new privacy regulation.
- Limits on Use of Personal Medical Information. The privacy rule sets limits on how health plans and covered providers may use individually identifiable health information. To promote the best quality care for patients, the rule does not restrict the ability of doctors, nurses and other providers to share information needed to treat their patients.
- Prohibition on Marketing. The final privacy rule sets new restrictions and limits on the use of patient information for marketing purposes. Pharmacies, health plans and other covered entities must first obtain an individual's specific authorization before disclosing their patient information for marketing.
- Stronger State Laws. The confidentiality protections are cumulative; the privacy rule will set a national "floor" of privacy standards that protect all Americans, and any state law providing additional protections would continue to apply.
- Confidential communications. Under the privacy rule, patients can request that their doctors, health plans and other covered entities take reasonable steps to ensure that their communications with the patient are confidential.
- Complaints. Consumers may file a formal complaint regarding the privacy practices of a covered health plan or provider.