[ Tuesday, April 13, 2004 ]
Another alleged HIPAA horror story. This one
from Chicago. Of course, the caretaker could've asked the patient why he was in the hospital to begin with, and if the patient didn't want to tell him, the hospital really couldn't override the patient's wishes. That was the case before HIPAA, too. And mental health information is clearly the type of information that deserves extra privacy considerations.
The dichotomy is still the root of the problem: if you want the best possible health care for everyone, all medical information about everyone should be available to everyone. If you want the best possible medical record privacy, no medical information about anyone should be available to anyone. The trouble is finding the right balance between those two poles, and while it's never going to be a perfect fit in every situation, HIPAA actually does a fair job of balancing the countervailing interests. You want privacy, and you want individuals to be empowered to make those decisions. But where it's appropriate and necessary for the information to be shared so the patient can be treated, that information should be shared. In the examples in the article where providers couldn't get information, the problem isn't HIPAA; HIPAA would've allowed those information transfers. The problem is the compliance and enforcement environment, the spectre of the Federal Government investigating an improper breach, or the threat of a lawsuit for a HIPAA violation. That's a result of the overzealous "selling" of HIPAA and the "need" for privacy in the face of anecdotal evidence from the likes of the Health Privacy Project.
Jeff [11:28 AM]
Blogger: HIPAA Blog - Edit your Template