View Single Post
Old August 28, 2012, 11:16 AM   #112
Frank Ettin
Join Date: November 23, 2005
Location: California - San Francisco
Posts: 8,745
Originally Posted by pnac
How has the HIPAA Privacy Rule been enforced so far?

Since the establishment of the Privacy Rule in 2003, OCR has received
almost 45,000 complaints....
[1] Before the HIPAA privacy rules, things might well have happened, but nothing would, or could be done.

[2] You're talking about a 12 year period. How much medical information has been collected, and legitimately used, even just in New York. 45,000 complaints, a great many by your figures, appear to be unfounded, in 12 years has got to be a pretty small percentage.

Originally Posted by pnac
...State public records laws, also known as open records or freedom of information laws, all provide for certain public access to government records. How does the HIPAA Privacy Rule relate to these state laws?


If a state agency is not a “covered entity”,...
"Covered entities" under HIPAA are basically providers of medical care, and medical insurers and other payors. Third parties that either contracts with in connection with medical care or payment activities are also made subject to the HIPAA rule.

However, state agencies, such as those responsible for providing or paying for medical care, or accrediting or licensing providers are either brought under HIPAA or subject to other confidentiality strictures. And FOIAs generally have exceptions to disclosure requirements that protect certain personal information. In any case, this is a FOIA issue that existed before HIPAA.
"It is long been a principle of ours that one is no more armed because he has possession of a firearm than he is a musician because he owns a piano. There is no point in having a gun if you are not capable of using it skillfully." -- Jeff Cooper
Frank Ettin is offline  
Page generated in 0.10068 seconds with 7 queries