Journal of health law
-
Journal of health law · Jan 2002
CommentHIPAA standards for privacy of individually identifiable health information: an introduction to the consent debate.
On March 27, 2002, DHHS published proposed amendments to the Privacy Standards under HIPAA. The most controversial of these changes is the removal of the requirement that providers obtain patient consent before using or disclosing protected health information for treatment, payment, and healthcare operations. ⋯ This comment introduces the reader to the issues that are debated immediately following in the articles by Geralyn A. Kidera and Kristen Rosati.
-
Journal of health law · Jan 2002
DHHS wisely proposed to remove the "consent" requirement from the HIPAA privacy standards. Department of Health and Human Services.
The author contends that requiring advance written consent to use and disclose health information interferes with patient care, is unnecessary in view of other rigorous privacy protections, and imposes an unwarranted burden on healthcare providers. Consequently, the author commends DHHS for taking the "practical and apolitical step" of removing this requirement.
-
Journal of health law · Jan 2002
The proposed changes to the final privacy rule suggest a disturbing reduction in an individual's ability to exercise a right to healthcare privacy.
The author contends that, in eliminating HIPAA's mandatory consent requirement, which is the initial step in the patient's Patient Consent exercise of the right to health information privacy, DHHS has turned its back on privacy protection. She posits that the proposed change is the result of a disturbing focus on an elimination of the industry's administrative burdens, rather than on the protection of patient healthcare information. The article concludes that elimination of the consent requirement is a step backwards in the arena of personal privacy.
-
This Article reviews the HIPAA Privacy Standards' impact on healthcare organizations. It discusses whether a healthcare organization is a "Covered Entity" under the regulations, what information the Privacy Standards protect, what restrictions the regulations place on the use and disclosure of protected health information, what individual rights the Privacy Standards create, and what agreements they require between healthcare organizations and their business associates. The author provides relatively extensive guidance to organizations that are embarking upon their voyage of compliance with these broadly applicable regulations, but notes that the full extent of necessary compliance remains unclear, pending DHHS issuance of the next iteration of the rulemaking in this area. The Article was finalized in January 2002, before HHS issued any modifications to the Privacy Standards.