PATIENT PRIVACY: Health Groups Wary of Looming HHS Rules
With HHS set to release a set of controversial patient privacy guidelines within the next few weeks, health care providers and insurance companies fear that the new rules will force them to shell out billions of dollars to safeguard patients' medical records, while patient advocates worry that the new regulations will not offer adequate protection, the Boston Herald reports. "[S]ome people are very anxious about what the regulations will say," Joy Prits of Georgetown University's Health Privacy Project said (Heldt Powell, 9/18). Insurance firms and medical researchers argue that privacy restrictions would hinder their efforts, claiming that they "already work to protect patients," but consumer groups contend that health care providers and others should obtain permission before disclosing patient records. "It's a very, very complicated issue with a million different little issues involved," privacy consultant and National Committee on Vital and Health Statistics member Robert Gellman explained, adding, "What's really going on in the health care industry is the increased use of medical records for marketing purposes." Last November, HHS released a draft of the regulations, which included provisions banning the use of electronic medical information for product marketing and for purposes unrelated to treatment, payment and routine health care (Beil/Ornstein, Dallas Morning News, 9/17). The rules also mandated fines and criminal penalties for health plans and doctors' offices that misuse patient records (Boston Herald, 9/18). After releasing the draft, HHS received about 52,000 comments from groups around that nation, ranging from "you didn't do enough" to "you did way too much," HHS spokesperson Campbell Gardett said (Dallas Morning News, 9/17). The agency predicted that the proposed rules would cost the health industry $3.8 billion over five years, but industry officials fear that the figure "will be much higher."
Health Industry Naysayers
Health industry officials also argue that the proposed HHS regulations will stifle quality assurance, hinder treatment programs for specific diseases and prevent HMOs and providers from sending patients beneficial information. "Some of the rules ... would threaten the ability of health plans to use the claims data they have to identify people who would benefit from health promotion activity," Kristin Stewart, American Association of Health Plans' director of marketing issues, said. The rules will also force many HMOs to increase security measures, which could drive up health care costs, industry experts contend (Boston Herald, 9/18). In addition, many of the proposed rules govern the custodians of the information rather than the records themselves. And, according to Texas Medical Association lobbyist Connie Barron, "once the information gets into the hands of someone else who isn't regulated, there's no protection" (Dallas Morning News, 9/17). Harvard Medical School research associate Richard Sobel agreed. "Ultimately, [the HHS rules] are not privacy regulations, [they] are disclosure regulations," he said (Boston Herald, 9/18). Medical researchers also warn that "overly heavy" restrictions on patient records could "actually hurt medicine in the long run" by hampering drug research studies or public service projects -- such as local health department disease tracking efforts and disease registries used in medical research (Dallas Morning News, 9/17).
Congressional Floundering
Federal law currently does not protect medical information, forcing patients to rely on a "patchwork of state laws, ethical guidelines that ... doctors follow and luck," Janlori Goldman, director of the Health Privacy Project at Georgetown, said. In 1996, Congress approved the Health Care Portability and Accountability Act, setting an August 1999 deadline for passing patient privacy rules. Since then, however, while members of Congress in both parties have proposed "several dozen" bills to safeguard patient records, only one of those measures -- a provision that never became law -- ever reached the floor for a vote. "There's very strong differences of opinion. ... There isn't enough of a consensus to get a bill through Congress," Gellman said. When Congress missed the deadline last year, responsibility for governing electronic medical records shifted to HHS (Dallas Morning News, 9/17).