First conceived in 1996, the Health Insurance Portability and Accountability Act has long served as a guiding flame for the care and management of Protected Health Information. Although it contains a number of structures related to taxes, insurance reform, administration, and revenue; security is its primary objective. Under HIPAA, all identifying patient information is treated with the utmost caution, ensuring patients need never worry about sensitive data falling into the wrong hands.
That’s how it’s supposed to work in theory, anyway. As many of us know all too well, HIPAA has its fair share of blind spots. Particularly in recent years, it’s lagged behind in keeping with technological developments like cloud computing, mobility, and the Internet of Things.
The Office of Civil Rights at the United States Department of Health and Human Services feel it’s high time this changed. That’s why in December, it issued a request for public information on how HIPAA might be modified to be a better fit for the modern health industry.
“This RFI is another crucial step in our Regulatory Spring to Coordinated Care, which is taking a close look at how regulations like HIPAA can be fine-tuned to incentivize care coordination and improve patient care, while ensuring that we fulfill HIPAA’s promise to protect privacy and security,” explained OCR Deputy Secretary Eric Hargan in a prepared statement. “In addressing the opioid crisis, we’ve heard stories about how the Privacy Rule can get in the way of patients and families getting the help they need. We’ve also heard how the Rule may impede other forms of care coordination that can drive value. I look forward to hearing from the public on potential improvements to HIPAA while maintaining the important safeguards for patients’ health information.”
“We are looking for candid feedback about how the existing HIPAA regulations are working in the real world and how we can improve them,” added OCR Director Roger Severino. “We are committed to pursuing the changes needed to improve quality of care and eliminate undue burdens on covered entities while maintaining robust privacy and security protection for individuals’ health information.”
In particular, the RPI is focused on information sharing, parental involvement in care, mental health, disclosures of information under HITECH, and user privacy as a whole. Public comments on the matter are due by February 11, 2019. We at Liberty Center One encourage each and every one of our clients who work in healthcare -health organizations and covered entities – to submit their feedback on the challenges and setbacks they’ve encountered as a result of HIPAA, and how it might be modified to better fit their needs.