MEDICAL PRIVACY: NAIC Proposes Model Legislation
The National Association of Insurance Commissioners "proposed new standards that would restrict insurance companies from disclosing personal medical information without the individual's permission," the Wall Street Journal reports. The Health Information Privacy Model Act not only requires insurance companies to obtain a patient's permission before disclosing any identifying medical data, it also holds insurers responsible for the information they provide to laboratories, health clinics or pharmacies. Insurance companies would still be able to share a patient's medical records with another company processing a claim, or "to organizations doing 'scientific, medical or public policy research.'" The proposal is intended as a model for state legislatures "to establish more-uniform privacy standards for medical information." NAIC also plans to submit its proposal to Congress, which is under legislative mandate to develop national medical privacy legislation by August of 1999. Kansas Insurance Commissioner and lead author Kathleen Sebelius said, "Congress has been waiting for our guidance." She said the model legislation comes in response to consumer concerns that "their private medical records are available for dissemination or ... for sale." However, the Wall Street Journal reports that some property-casualty insurers fear the language is too broad, and under the proposal's current language, "they could be forced to hand over even non-health-related data to someone who is suing them." Violators of the model law "would be subject to sanctions by state regulators, ranging from minor actions to fines as high as $500,000 per offense and prison time" (Lohse, 9/15).
This is part of the California Healthline Daily Edition, a summary of health policy coverage from major news organizations. Sign up for an email subscription.