As HIPAA concerns persist, vendors ready themselves

The most recent incarnation of the Health Insurance Portability and Accountability Act likely will provide plenty of privacy headaches both for providers and vendors in the industry, a Wall Street Journal article outlines this week.

Of particular concern to providers, the article's author says, is the provision dictating that as long as a patient pays for a healthcare item or service in full and out of pocket, they can ask a provider to not disclose personal health information related to that item or service to their insurance company. FierceHealthIT Editorial Advisory Board member John Halamka, CIO at Beth Israel Deaconess Medical Center in Boston, tells WSJ the issue is three-fold, pointing out that, for instance, it could be difficult to keep a payer from seeing such information due to quality review and oversight processes.

"It's a technology problem and a work-flow problem and a policy problem," he says.

According to Marcy Wilder, director of the global privacy and information management practice for Washington, D.C.-based law firm Hogan Lovells and prior Deputy General Counsel for the U.S. Department of Health & Human Services, the rule could "make it difficult to identify folks who would benefit from wellness programs."

Despite such concerns, however, support for HIPAA seems to be growing in the cloud vendor community, according to Forbes. For example, both Microsoft and Box--the latter of which is a cloud storage company--recently announced they updated their business associate agreements to address the new HIPAA requirements. Business associates, under the updated law, as well as subcontractors who work with covered entities, now are just as accountable for maintaining the privacy and security of personal health information.

"The reason for this new level of security is pretty fundamental," writes Forbes contributor Dan Munro. "Healthcare has had some serious deficiencies through the years and it's a prime target for identity theft."

On the heels of concerns that many healthcare providers misunderstand HIPAA, HHS plans to offer guidance and technical assistance to covered entities and business associates with reservations about the recently updated omnibus rule.

To learn more:
- read the Wall Street Journal article (registration required)
- here's the Forbes post

Suggested Articles

Data and analytics company Health Catalyst reported fourth-quarter 2019 revenue grew 21% to $43.5 million, beating Wall Street estimates.

Key lawmakers are fed up with what they see as poor VA leadership over a new Cerner EHR system and vowed to take tighter control of the project.

The latest report from The Leapfrog Group, an independent hospital safety watchdog group, looked specifically at surgical volumes of 2,100 hospitals.