FierceHealthcareFierceHealthITFierceHealthFinanceFierceEMRHospital ImpactFierceMobileHealthcare   FiercePharma

HIPAA privacy rules not enough, IOM says

February 4, 2009 — 2:27pm ET | By Anne Zieger
Tools
Tags
privacy protection
institute of medicine
Health Insurance Portability and Accountability Act (HIPAA)
Health Research
Health Data
Department of Health and Human Services (HHS)

The current version of HIPAA privacy rules don't do enough to protect privacy, and at the same time hamper health research, concludes a new Institute of Medicine report.

The report suggests that privacy protection in research should be governed by something other than HIPAA privacy rules. This new approach would exempt health research from HIPAA, and instead create new privacy, data security and accountability standards for all health research, regardless of who pays for or conducts the research.

Meanwhile, if HIPAA continues to apply to health data used by researchers, IOM suggests that HHS clarify guidelines for such usage. Right now, the rules are being interpreted in widely varying ways, the IOM says.

To learn more about the report:
- read this Modern Healthcare article (reg. req.)

Related Articles:
Providers, states still struggle with HIPAA
Over-applying and misapplying HIPAA is common

Bookmark and Share
Get Your FREE FierceHealthcare Email Newsletter:
Comments (1) | Post a comment

Comments

By sophia | Posted 12:27am | March 9, 2009

The report suggests that privacy protection in research should be governed by something other than HIPAA privacy rules. This new approach would exempt health research from HIPAA, and instead create new privacy, data security and accountability standards for all health research, regardless of who pays for or conducts the research.

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

To combat spam, please enter the code in the image.