Trump administration seeks public feedback on how to fix HIPAA privacy rules

HIPAA document
The request for information is part of the "Regulatory Sprint to Coordinated Care," an initiative led by HHS Deputy Secretary Eric Hargan. (Getty/designer491)

Among regulations in healthcare, perhaps none is more well known—or loathed—than HIPAA.

Now, the Department of Health and Human Services said they want to hear from the public about how to fix what are officially known as the Health Insurance Portability and Accountability Act (HIPAA) rules.

Specifically, they are looking for feedback on how to reform the HIPAA Privacy Rule to remove barriers to organizations trying to share data in an attempt to improve healthcare delivery. 

Free Daily Newsletter

Like this story? Subscribe to FierceHealthcare!

The healthcare sector remains in flux as policy, regulation, technology and trends shape the market. FierceHealthcare subscribers rely on our suite of newsletters as their must-read source for the latest news, analysis and data impacting their world. Sign up today to get healthcare news and updates delivered to your inbox and read on the go.

For example, the agency has heard that during the opioid crisis, the privacy rule blocked patients and families from getting needed help. 

“We are looking for candid feedback about how the existing HIPAA regulations are working in the real world and how we can improve them,” said Office for Civil Rights Director Roger Severino in a statement. “We are committed to pursuing the changes needed to improve quality of care and eliminate undue burdens on covered entities while maintaining robust privacy and security protections for individuals’ health information.”

RELATED: HIPAA compliance means marriage between security, privacy officers

HIPAA originally passed into law in 1996 and was aimed at providing privacy and security for patients health information while allowing information to be shared as needed. And it has risen in prominence in recent years with a rash of high-profile breaches of patient health information among IT companies and health systems.

Amid the broader shift underway from fee-for-service to value-based, coordinated care, the OCR said it has been fielding a growing number of calls to revisit the rules that can limit or discourage information needed to make that shift possible. 

The request for information is part of the "Regulatory Sprint to Coordinated Care," an initiative led by Deputy Secretary Eric Hargan, and seeks information on which parts of HIPAA rules present obstacles to its goals without meaningfully contributing to privacy. 
RELATED: With support from health IT groups, a new ‘wizard’ looks to streamline patient medical records requests

They are requesting broad input on HIPAA rules including:

  • Facilitating parental involvement in care.
  • Addressing the opioid crisis and serious mental illness.
  • Accounting for disclosures of protected health information for treatment, payment and healthcare operations as required by the HITECH Act.
  • Changing a requirement for certain providers to make a good faith effort to obtain an acknowledgment of receipt of the notice of privacy practices.

The RFI is due Feb. 11, 2019.

Suggested Articles

Centene Corporation posted $95 million in profit for the third quarter of 2019, which skyrocketed from $19 million in the third quarter of 2018.

A KHN investigation found that manufacturers, hospitals, doctors and some patient advocates have put marketing muscle behind 3D mammograms.

Benchmark premiums for plans on are down 4% for the 2020 plan year, the Trump administration announced Tuesday.