HIPAA loopholes exposed by Wall Street Journal

by | Jul 6, 2009

This is one of the reports from the Wall Street Scrap Book- “Increasingly complex confidentiality issues” in federal medical privacy rules “are affecting patients and their insurance coverage.”

The reports also mention that complaints of privacy violations “have been piling up.” HHS received 23,896 complaints related to medical-privacy rules between April 2003 and Nov. 30, 2006. However, 75 per cent of these complaints were found to be without any violation and had to be closed, as said by an HHS spokesperson.

Since HIPAA was enacted in 2003, HHS has not charmed enforcement actions against any entity for violating the privacy rule. Let us consider the case of the attorney Patricia Galvin. Her notes from psychotherapy sessions at Stanford Hospital & Clinics were accessed by her insurer, UnumProvident, due to which she was denied disability benefits.

As published in the Journal, UnumProvident said the notes indicated that Galvin was not “too injured to work” after she was interested in a car fortune and applied as want-term disability leave. Galvin has filed a lawsuit against Stanford and UnumProvident with a view violating medical privacy laws, supply other issues, under the federal Robustness Guaranty Portability and Responsibility Accomplishment.

As per the HIPAA, there is provision for added protection for mental health records, but Stanford in court papers said that “psychotherapy notes that are kept together with the patient’s other medical records are not defined as ‘psychotherapy’ notes impaired HIPAA.” Peter Swire, a law professor at Ohio State University, said, “We’re three years into the enforcement of the rule, and they haven’t brought their first enforcement ambitiousness.” He added, “It sends the signal that the health system can give someone the brush-off this issue.”

3-Steps to HIPAA Compliance

Step 1 : Download Checklist.

Step 2 : Review Your Business

Step 3 : Get Compliant!

Our HIPAA compliance checklist will outline everything your organization needs to become fully HIPAA compliant. Fill in the form below to download it now.

View our privacy policy