Medical Professionals Frequently Restrict Patient Data, Even To Patients Themselves
Alex Hendler / January 19, 2012 at 2:50 AM ST
Please note that the following is not legal advice and should not be taken as such; it is my personal opinion and may not be applicable to your particular situation. If you need to obtain legal advice on this matter, seek the counsel of a qualified attorney who has agreed to represent you.
The privacy-related portions of the statute and related rules are relatively straightforward (see http://www.hhs.gov/ocr/privacy/hipaa/administrative/index.html) compared to other health care statutes and regulations, but the penalties are so great that health care providers and their staff are (rightfully) scared to improperly divulge information. In many cases, they will refuse to disclose information over the phone and will only do so in person or by fax or letter.
As an individual, a health care provider is generally required to disclose to you all of the medical information about yourself that you request, but the provider must take certain precautions to ensure that you are that individual or risk serious penalties under 42 U.S.C. § 1320d-6.
The problem is therefore not necessarily with the privacy law itself: The problem more likely lies with the advice (or lack thereof) that health care providers get or implement regarding how to apply it. One contributing factor is that health care providers are so squeezed for resources from all sides that they cannot afford to obtain or implement decent advice about how to comply with the law.
There are, as I see it, multiple facets to this particular problem:
1) The law is not clearly understood by those it most directly affects, even though the law is relatively straightforward on privacy issues;
2) The affected people or entities are unable or unwilling to dedicate the human or financial resources necessary to achieve an adequate working understanding of the law for all people responsible for complying with it; and
3) As a result, they tend be extraordinarily cautious to avoid potentially crippling civil and criminal penalties.
A joint venture of Think Computer Corporation and Think Computer Foundation, a 501(c)3 non-profit organization.
Copyright © 2001-2013 Think Computer Corporation. All Rights Reserved.
About Help Us Media Privacy Security Contact Us