Health News

HIPAA is Not Protecting Patient Health Information

[Posted 2/10/09] A study sponsored by Health and Human Services (HHS) and several healthcare advocacy groups reveals that the Health Insurance Portability and Accountability Act (HIPAA) is not doing enough to protect personal health information. The study, Beyond the HIPAA Privacy Rule: Enhancing Privacy, Improving Health Through Research, is available from the National Academies Press.

The HIPAA Privacy Rule was created not only to safeguard individuals, but also to facilitate the flow of patient information needed for appropriate healthcare and health research. The study claims HIPAA is floundering on all counts, and innovative regulation is sorely needed.

"HHS and other federal agencies should develop a new approach to regulation that focuses on best practices in privacy, security, and transparency" including ethical oversight of research that uses patient data.

If new regulation is not possible, the study also explores steps that could be taken to improve HIPAA, raise awareness among the people who handle patient data, and reduce/eliminate security breaches.

Related Links:

National Academies News Release

The National Academies Press

Institute of Medicine

OHSOnline News Article

Healthfinder News Article