There’s an editorial at the St. Petersburg Times discussing medical privacy in Florida and nationwide.
For the third time in recent months, Tampa Bay citizens have found themselves the unwanted recipients of patients’ private medical records. What’s more, in two cases, the recipients’ efforts to restore patients’ privacy were rebuffed, suggesting the federal Health Insurance Portability and Accountability Act (HIPAA) is falling far short of its promise to protect and enforce patient privacy. […]
Protecting patients’ private medical records ought to be a priority of every health care agency, but violations are not uncommon. The Times reported another local example in March, when a St. Petersburg storage facility was preparing to auction the contents of a self-storage unit, including boxed medical records left by a doctor who didn’t pay her bill.
It is especially disturbing that the U.S. Department of Health and Human Services, which is responsible for HIPAA enforcement, did not respond to [the complaint of a woman who kept mistakenly receiving strangers’ medical data]. What good is a law when the government won’t enforce it?
One of the shortcomings of HIPAA is that it isn’t specific enough about how complaints of violations should be handled. HHS’s rules should fill that gap. And every medical facility and private company that deals with patient records should train their staffs to respond appropriately to complaints like Huebner’s and Reed’s. Allowing private medical records to continue to go astray is not just illegal. It is a betrayal of patients’ trust.