University of California Hospitals, DHS Reach Agreement on Release of Data to Cancer Registry
The California Cancer Registry will have "full access to the files and records" needed to obtain information on newly diagnosed cancer patients to help recruit study participants under an agreement between the University of California and the Department of Health Services, the San Francisco Chronicle reports. Citing the medical privacy rule of the Health Insurance Portability and Accountability Act, 17 Bay Area hospitals since 2002 have prevented or restricted access to medical records by the registry, which is administered by the state.
Registry officials and patient advocacy groups said the restrictions violated state law. However, in a letter to Rep. Barbara Lee (D-Oakland), UC President Robert Dynes said HIPAA had "caused institutions and individuals to question historical practices that could be a violation of patient privacy."
Cancer researchers said the restrictions were compromising the quality of some studies, and DHS considered levying fines against UC hospitals.
The agreement between UC Medical Affairs Vice President Michael Drake and Public Health Officer Richard Jackson, which was outlined in a Nov. 3 letter, details the types of information that can be obtained by the registry and the procedure for reporting data. Researchers will have to wait six weeks before contacting newly diagnosed cancer patients to mitigate the possibility of patients learning of their cancer diagnoses from researchers instead of their physicians.
Drake said, "We wanted to report the information as quickly as possible, while protecting patient privacy."
Kevin Reilly, deputy director of prevention services for DHS, said, "We've come to an agreement that the day-to-day functions of the Cancer Registry are perfectly consistent with the requirements of HIPAA."
Rory Jaffe, an anesthesiologist in charge of privacy issues at UC Davis Medical Center, said he is "happy" that the agreement resolved some long-term points of disagreement and that patients' privacy would not be jeopardized. "HIPAA caused people to think about patient privacy. That's a good thing," he said (Russell, San Francisco Chronicle, 12/7).