HIPAA privacy rules not enough, IOM says

The current version of HIPAA privacy rules don't do enough to protect privacy, and at the same time hamper health research, concludes a new Institute of Medicine report.

The report suggests that privacy protection in research should be governed by something other than HIPAA privacy rules. This new approach would exempt health research from HIPAA, and instead create new privacy, data security and accountability standards for all health research, regardless of who pays for or conducts the research.

Meanwhile, if HIPAA continues to apply to health data used by researchers, IOM suggests that HHS clarify guidelines for such usage. Right now, the rules are being interpreted in widely varying ways, the IOM says.

To learn more about the report:
- read this Modern Healthcare article (reg. req.)

Related Articles:
Providers, states still struggle with HIPAA
Over-applying and misapplying HIPAA is common

Suggested Articles

The profit margins and management of Community Health Group raise questions about oversight of managed care insurers.

Financial experts are warning practices about the pitfalls of promoting medical credit cards to their patients.

A proposed rule issued by HHS on Tuesday would expand short-term coverage, a move Seema Verma said will have "virtually no impact" on ACA premiums.