|
Sens. Patrick Leahy (D-Vt.) and Edward Kennedy (D-Mass.) introduced a bill that would place stricter privacy restrictions on the disclosure of personal health information and require HHS to revise HIPAA rules, Government Health IT reports.
A new bill introduced in the Senate by Sens. Patrick Leahy (D-Vt.) and Edward Kennedy (D-Mass.) would place stringent restrictions on disclosures of personal health information and clear up at least some of the confusion surrounding federal privacy rules.
If passed, the new bill would not supplant the Health Insurance Portability and Accountability Act of 1996 but would require the Health and Human Services Department to revise HIPAA rules, according to a six-page summary the senators issued.
“In America today, if you have a health record, you have a health privacy problem,” Leahy said in a statement. He heads the Senate Judiciary Committee, which is expected to consider the bill.
Kennedy said the bill aims to strike a delicate balance between sharing information and protecting patients' privacy. “For too long, the balance has been tilted too far against patient privacy, and our bill is a needed effort to correct that imbalance,” he said. Kennedy heads the Senate Health, Education, Labor and Pensions Committee.
The Health Information Privacy and Security Act of 2007 would prohibit the disclosure or use of personal health information without authorization from the patient in most cases. It would also allow patients to opt out of electronic systems that store or transmit health records and would require that individuals be notified if their information is disclosed without authorization.
It would establish an Office of Health Information Privacy at HHS and give it enforcement powers. The bill would impose criminal and civil penalties for unauthorized disclosure of patient information and direct the U.S. attorney general to debar health entities from federal programs if they are found guilty of a crime under the act.
It would also allow individuals to sue for damages in cases of unauthorized disclosure and would authorize state attorneys general to sue on behalf of state residents. In addition, whistle-blowers who report violations would be protected from retaliation.
Earlier in the day, participants in a panel discussion in Washington on privacy issues related to health information technology discussed whether the lack of a federal privacy policy was holding up development and implementation of health IT at the national level.
David Merritt, director of the health IT program at the Center for Health Transformation, challenged Democrats to come up with a policy proposal. “I'm starting to think that they're paying lip service” to the privacy issue, he said.
But Kala Ladenheim, program director at the National Conference of State Legislatures, said the issue is not yet ripe for resolution, and it's unclear what policies should be handled at the state level. “It's too soon to lock in on something that's evolving so fast,” she said.
Tom Wilder, senior regulatory counsel at America's Health Insurance Plans, disagreed, saying a federal law is needed because the flow of health information does not stop at state borders. “I think having 50 different state laws really causes people a lot of problems,” Wilder said.
Dr. Deborah Peel, founder of the Patient Privacy Rights Foundation, criticized Kennedy for largely ignoring privacy in the health IT bill he introduced last month, which is awaiting action by the full Senate.
(By Nancy Ferris / Government Health IT News)
The HIPAA Flash is an opt-in monthly newsletter. The content is for informational purposes only. Nothing herein constitutes legal advice - if you need legal advice, please consult a competent attorney. To unsubscribe from this monthly newsletter, reply to hipaaflash@hipaarx.net with the word "UNSUBSCRIBE" in the subject line.
HIPAA Solutions Rx is your best source for compliance workbooks, online training, disclosure tracking systems, network scanning tools, backup facilities, certifications, consulting ... HIPAA from A to Z. For the most complete suite of HIPAA compliance products available, visit us at: http://www.hipaarx.netor call us at 1-866-447-2211.
HIPAA Solutions is a BridgeFront Company. For training in OSHA, JCAHO, Nurse CE, Long Term Care, Revenue Cycle Management and much more, visit http://www.bridgefront.com.
|
