[ Monday, October 04, 2004 ]
GAO Reports on the First Year Experience:
Of course, Privacy "went live" way back in April 2003. How have things gone for providers, plans and clearinghouses? For the most part, according to the GAO
(Government Accountability Office, not, as I always thought, General Accounting Office), fairly smoothly. There is some confusion and challenges abound (accounting for disclosures and business associate issues are highlighted), and the general public is ill-informed of the requirements and benefits, and governmental organizations face some specific problems. Anecdotal evidence shows some over-implementation of the rules resulting in family members being excluded from access to information on loved ones, and research organizations have their own troubles as well. But overall, the implementation of HIPAA has gone fairly well.
Personally, I think this is because the medical community has always been quite good at keeping private what is supposed to stay private. HIPAA was, in large part, drafted to fix a problem that existed primarily in the minds of the paranoid and over-reactionary. Were evil drug companies and marketing firms using personal medical information for nefarious (or at least profit-driven) purposes? Sure, it happened occasionally. But the vast, vast majority (well over the Ivory Soap threshold of 99.44%) of individuals and entities that had access to personal medical information maintained the privacy and confidentiality of that information at least as well as HIPAA now mandates. It's easy to fix a problem if it doesn't really exist in the first place.
Jeff [3:11 PM]
Blogger: HIPAA Blog - Edit your Template