Navigation Links
HIPAA privacy rule fails to adequately protect patient privacy and hampers health research
Date:2/4/2009

WASHINGTON -- The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule does not adequately protect the privacy of people's personal health information and hinders important health research discoveries, concludes a new report from the Institute of Medicine.

Congress should authorize the development of an entirely new approach to protecting personal health information in research, separate from the HIPAA Privacy Rule, said the committee that wrote the report. This new approach should apply privacy, data security, and accountability standards uniformly to information used in all health-related research regardless of who funds or conducts the research.

If policymakers decide to continue relying on the current rule to protect privacy in health research, the committee recommends a series of changes to improve the rule and the guidance that the U.S. Department of Health and Human Services (HHS) gives on how to comply with it.

In addition, the report urges all institutions conducting health research to strengthen their data protection. Security breaches are a growing problem for health information databases. Among the measures that should be taken, encryption should be required for all laptops, flash drives, and other portable media containing such data given the potential for these items to be lost or stolen.

The committee's recommendations recognize the valuable societal benefits that both ethically conducted health research and privacy protections provide. Without such research, society would lose the benefit of new therapies, improved diagnostics, and more effective ways to prevent illness and deliver care. Privacy helps protect individuals from harm, such as discrimination and identity theft, and permits research and public health activities to be carried out in ways that preserve their dignity.

"We believe there is synergy between the goals of safeguarding privacy and enhancing health research and that it is critically important to our nation's health to strengthen privacy protections and still facilitate research," said committee chair Lawrence O. Gostin, professor of law and director, O'Neill Institute for National and Global Health Law, Georgetown University Law Center, Washington, D.C. "Our recommendations aim to boost regulations and practices that effectively protect personally identifiable health information, while changing provisions of the HIPAA Privacy Rule or its interpretations that have proved to be ineffective."

The HIPAA Privacy Rule regulates what uses and disclosures of personally identifiable health information are permitted by health plans, health care providers, and other entities covered by the regulation. The goal is to ensure that individuals' health information is properly protected while allowing the flow of data needed to promote high-quality health care and health-related research.

However, the HIPAA Privacy Rule is difficult to reconcile with other federal regulations governing research involving people and their personally identifiable information. Moreover, organizations that collect and use health data vary greatly in how they interpret and follow the rule, and the rule does not apply uniformly to all health research. The committee's review of published reports, testimony from patient and privacy advocates and the health research community, and other sources of information led it to conclude that the way the rule is currently interpreted does not adequately protect privacy and impedes important health research.

HHS and other federal agencies should develop a new approach to regulation that focuses on best practices in privacy, security, and transparency, the report says. The new framework should facilitate use of health data in which personally identifiable information is removed and should provide legal sanctions against unauthorized re-identification of individuals. It should provide ethical oversight of research in which use of personally identifiable information without individual consent is necessary. This oversight could be accomplished by local ethical review boards that assess proposed projects on a case-by-case basis, or institutions could be certified at the federal level to carry out this kind of research, having proved they have policies and practices in place to protect data privacy and ensure security.

If the current HIPAA Privacy Rule continues to be the means for safeguarding privacy in health-related research, the committee recommended several ways to revise the rule and its guidance on compliance. For example, HHS should make it clear that people can grant permission in advance that samples or data collected from them for one research project can be used in future research. And the agency should simplify and clarify the criteria for making decisions about waiving requirements to obtain permission from every patient whose personal health information will be used in study.


'/>"/>

Contact: Christine Stencel
news@nas.edu
202-334-2138
National Academy of Sciences
Source:Eurekalert

Related medicine news :

1. HIPAA Privacy Rule Limits Americas Promise in Research
2. Healthcare Organizations Launch Collaborative Initiative to Test HIPAA Transactions Against Proposed 5010 Standards
3. Importance of URACs HIPAA Privacy and Security Standards to Protect Personal Health Information Is Focus of New Issue Brief
4. nCircle Announces Free Web Seminar - Automating HIPAA Compliance with Security & Configuration Auditing
5. Debra Strickland joins Foresight Corporation in time for HIPAA 5010 Mandate
6. Philanthropic Health Care Violations of HHS HIPAA Law Again Near Zero, Federal Government Tells Association for Healthcare Philanthropy
7. IHF Says Google Personal Health-Records System Gives Consumers Greater Control Over Privacy than HIPAA Rules
8. URAC Calls for Comments on Changes to Standards for Health Web Site, HIPAA Privacy and Security Accreditation Programs
9. PinnacleHealth System Selects Phoenix Health Systems to Provide HIPAA Security Assessment Services
10. Consumer Watchdog Calls on Google to Cease Lobbying Effort to Allow Sale of Patient Medical Records; Urges Congress to Adopt Privacy Protections in Economic Stimulus Bill
11. Economic Stimulus Package Could Impinge on Americans Health Privacy
Post Your Comments:
*Name:
*Comment:
*Email:
(Date:4/28/2017)... ... April 28, 2017 , ... Beginning in 2017, Ridgecrest Herbals will be phasing ... the popular ClearLungs Extra Strength formula. To ensure that the effectiveness of Clear Lungs ... ways:, , Removal of the homeopathic element , ...
(Date:4/28/2017)... New York, NY (PRWEB) , ... April 28, ... ... Shiel Medical Laboratory to expanded distribution of the GlycoMark test throughout the Northeast ... indicates recent hyperglycemia in patients with diabetes. The GlycoMark test provides a clinically ...
(Date:4/28/2017)... Fairfax, VA (PRWEB) , ... April 28, 2017 , ... ... elected volunteer board members and officers for 2017-2018. The annual board election process has ... serving on a volunteer basis. , Thomas C. Dickerson, Ed.D., FACHE, succeeds Jim Hamilton, ...
(Date:4/28/2017)... ... ... The Texas Cord Blood Bank (TCBB), a program of nonprofit biomedical organization GenCure, ... at Renaissance in Edinburg for their outstanding efforts in collecting umbilical cord blood donations ... , “Women’s Hospital at Renaissance has been a collection partner for the TCBB since ...
(Date:4/28/2017)... ... April 28, 2017 , ... People are starting to accept that hearing aids ... doesn’t have the stigma it had when great-grandpa wore his hearing aids years ago,” ... a NALA North American Speaker Series (NASS) segment. “He probably wore an ...
Breaking Medicine News(10 mins):
(Date:4/25/2017)... April 25, 2017 Endo International plc (NASDAQ: ... 2017. Members of its senior management team will host a conference ... a.m. ET. The dial-in number to access the ... 509-7598, and the passcode is 6086379. Please dial in 10 minutes ... A replay of the call will be available from May ...
(Date:4/24/2017)... England , April 24, 2017 ... development, today announced the addition of a major ... ,Validated In-situ Plate Seeding,). The VIPS has been ... and 384 well microplates as part of the ... system offers a simple and more reliable solution ...
(Date:4/20/2017)... 20, 2017  Cogentix Medical, Inc. (NASDAQ: CGNT), ... the Urology, Uro/Gyn and Gynecology markets with innovative ... has joined the Company as Senior Vice President, ... position, Mr. Keswani will report directly to ... "Our organization is delighted that Ash has joined ...
Breaking Medicine Technology: