Corporate Compliance

HIPAA: Good for privacy, bad for business?

Compliance Monitor, June 1, 2005

Although HIPAA is achieving its desired effect of protecting patient privacy and the security of protected health information, it is having unforeseen consequences that adversely affect the quality, safety, and cost of medical care for patients, Medical News Today reported May 29.

According to a paper by researchers from the University of Michigan Cardiovascular Center, published in the Archives of Internal Medicine, HIPAA is responsible for a significant drop off--from 96% to 34%--in the number of heart attack survivors and chest pain patients who complete follow-up surveys about their care. The authors, led by Kim Eagle, MD, clinical director of the cardiovascular center, also report that HIPAA has driven up the cost of conducting surveys and skewed their results.

"We won't solve safety, quality, and cost issues in healthcare unless we do quality research, and our findings show that HIPAA, as currently written, has the potential to hinder that effort," Eagle said. "Privacy is crucial. But quality-improvement research aims to generate public benefit, and as a society we have to be careful that we don't find ourselves on such a far extreme on one side of privacy protection that we actually paralyze our ongoing efforts to monitor and improve care."

Among the research team's specific complaints about HIPAA is that its language requires written consent for even those surveys that use anonymous data, Medical News Today reported. The group also said that HIPAA has changed the language in surveys to the point that they are several pages long and more complicated than ever.