March 23, 2001 (Washington) -- It's not only unclear what is happening with "final" federal patient medical privacy rules, it's tough to get people to agree on what the rules would do.
Welcome to another full-on Washington war of words, with talk on one side of the "unintended consequences" of the rules and countercharges that these objections are "misinformation" to kill off the new requirements.
According to Robert Heird, senior vice president for Anthem Blue Cross and Blue Shield, the rules as written would "harm consumers" since they would "slow the delivery and payment of care." The rules, he claimed, "will require a major reorganization of every doctor's office, hospital, pharmacy, laboratory, research facility, and health plan."
But Janlori Goldman, a privacy advocate who heads Georgetown University's Health Privacy Project, tells WebMD, "The industry is putting a full-out assault on the regulation, and they have a receptive ear" with the Bush Administration.
She adds, "We [must] not be swayed by distortions and exaggerations. I think that consumers have a lot to be concerned about right now, looking at how hospitals and health plans and pharmacists are resisting. I just think they [providers] don't want to be regulated. It will cost money -- there's no question."
The new standards, in the works for years, had been published in "final" form in the last weeks of Clinton's term in office last year. They establish for the first time a national right to privacy over individual health information.
Under the rules, patients would have the right to see and amend their medical records. Moreover, they would have more authority over the use of their health information; patients would have to give a one-time consent before their records could be used for treatment, payment, and other healthcare operations.
The rules apply to doctors and other healthcare providers, health plans, and companies that process and transmit claims data.
The regulations do not, however, allow consumers to sue over breaches of their privacy, and does not directly apply to others who may handle patient health information, such as life insurers and employers. And advocates of the rule said that it doesn't offer adequate protections in some areas, by allowing law enforcement relatively easy access to patient records, and permitting limited use of personal health information for fundraising and marketing efforts.