Regarding HIPAA: 10 years after:
I agree with most of the comments. I do believe patient consent would have gotten in the way of what I call normal healthcare business. As an aside, most providers actually ask for patient consent because of the patchwork of state statutes that impose more stringent privacy practices.
Though politically untenable, I think the HIPAA privacy rule will only be truly effective if the state pre-emption language is modified to "trump" what are existing state privacy requirements. This becomes less politically untenable if Congress adopts similar privacy provisions around HIV/AIDS, mental health, genetic information, reproductive services and certain treatment for minors of a certain age -- which I do think should be adopted. This is true because most of the state laws regarding privacy cover these very same issues to one extent or another.
Regarding the national provider identifier, it is becoming rather costly to the industry at this point, and there are doubts about whether the industry can meet the May 2007 deadline for compliance. As one provider put it, this is far from administrative simplification and is putting a strain on the industry financially. Another provider asked, "What was the universal provider identifier number adopted for if we're now moving to a completely different number?"
Regarding vendors, that has turned out to be one of the biggest barriers to adopting the transaction and code-set standards, the new national provider identifier, etc. A number of vendors are working diligently on modifying existing systems, but a number of others -- some very large -- will not have the necessary changes available (for the NPI) until after the regulatory deadline. This forces the industry to develop work-arounds that can be very costly to develop.
Regarding enforcement, the administration is primarily to blame for the lack of enforcement. HHS has not been allocated sufficient staff or budget dollars to fulfill their responsibility as the enforcer of the HIPAA Administrative Simplification Provisions.
Certified information systems security professional
WEDI board of directors
President, Apgar & Associates
To submit a letter to YOUR VIEWS, click here . Please include your name, title and hometown.