Now that the privacy regulations of the Health Insurance Portability and Accountability Act of 1996 have the force of law, much of the confusion of past years has subsided, and a majority of physician executives agree that HIPAA is an adequate safeguard of patient privacy, results of the 2003 Modern Physician/PricewaterhouseCoopers technology survey indicate.
Of the 432 people who submitted valid responses to this question, 69.2% say the regulations authorized by HIPAA will protect the privacy of personal healthcare information. Only 10.6% say they will not.
A year ago, a 42.2% plurality of survey participants were unsure whether HIPAA would protect patient privacy.
The privacy rules went into effect April 14.
Mark Cohen, M.D., chief of professional technology for the Rochester, N.Y.-area operations of Lifetime Health, an HMO-affiliated multispecialty physician group across upstate New York, has seen HIPAA privacy restrictions in action. Cohen says the practice has upset a number of people by refusing to release test results to the spouses of patients without written authorization.
"We've had people yell at us," he says. "We just blame HIPAA."
The University of Illinois Medical Center at Chicago has put its staff through rigorous, mandatory training for patient privacy.
"I think organizations are taking the training a lot more seriously," says Daniel Hier, M.D., physician adviser to the medical center's IT services department.
Among the few skeptics is Clement Fox, M.D., medical director of Health Advantage, the HMO arm of Arkansas Blue Cross and Blue Shield. He says HIPAA was written based on technology of the early 1990s.
"I think it's kind of outdated for what's going on now and what may happen in the future," Fox says. "I think HIPAA will not protect medical information. (Patient data) is going to be disseminated in ways we can't anticipate."