| Patient Privacy and Confidentiality |
Medical records privacy is an important issue to consumers and their
advocates. Included in a health insurance reform bill enacted in 1996
known as Health Insurance Portability and Accountability Act (HIPAA),
the federal Department of Health and Human Services (HHS) promulgated
a new rule at the end of 2000, which requires healthcare providers,
health plans, and those who do business with them, to implement new
steps to protect patient privacy. The rule went into effect on April
14, 2003.
States historically have been at the forefront of privacy regulation,
and may go beyond the HIPAA requirements. One of the more popular provisions
in state legislation is to require patient consent prior to the release
of medical records, otherwise known as an opt-in requirement. Although
some legislation may include exemptions to allow disclosure without consent
for providing healthcare services, it sometimes is unclear how healthcare
services are defined. For instance, refill reminder and other patient
compliance programs may
or may not be considered healthcare services.
Another area states have sought to regulate is the sale or use of medical
information for marketing or sales purposes. Some states have clearly
targeted list brokers or groups that buy and sell such records for telemarketing
purposes. Others define marketing more broadly, making it unclear whether
programs such as refill reminders fall into the marketing category.
Federal Activities
Links
Contacts
Anita Ducca
Senior Director, Regulatory Affairs
703-885-0240
aducca@hdmanet.org
|
|