Home Care Law Blog Gilliland & Markette LLP

3905 Vincennes Road
Suite 204
Indianapolis, IN 46268
Phone: (317) 704-2400
Fax: (317) 704-2410

Recent Survey Results

Posted by: Robert Markette
January 10, 2007

I read an article right before the holidays that I thought was interesting, but due to the holidays, I have only just now gotten around to posting it. According to the article, which appeared on the Hipaadvisory website, the Department of Health and Human Services Office of Civil Rights (“OCR”) has determined that less than a quarter of HIPAA complaints warrant investigation.

According to a survey reported in the article, between April 2003 and September 30, 2006, OCR received 22,664 complaints.  Of these complaints, OCR determined only 5,400 required any further investigation or action.  Of the 5,400 cases investigated by OCR, OCR determined that 1700 of the providers had not violated the rule.

This means that only 3700 cases required any action by OCR.  In other words, only 16% of the complaints resulted in any action by OCR.  The article mentioned that the company performing the survey did not know what to make of these numbers.  In my opinion, it confirms what most health care providers felt when HIPAA was implemented – health care providers were already protecting patient privacy. 

HIPAA was a major change in patient privacy, especially from the standpoint of notifying patients of their privacy rights and giving them access to their information.  But as for patient privacy, providers had been concerned about that long before HIPAA. Health care providers, much like attorneys, are ethically required to maintain patient confidentiality.  Patient confidentiality was maintained without federal regulation as a matter of professionalism.  HIPAA simply created an additional, and unnecessary, regulatory burden for health care providers.

Some might argue that these statistics might demonstrate a need for even more regulations, because 84% of the complaints were not investigated.  The concern would be that if HIPAA were broader, more complaints would be investigated because patients would have more privacy.  But that assumes more investigations or stricter privacy requirements would be good simply for he sake of tighter restrictions.

Others who disagree with my conclusion that the statistics support a position that HIPAA was unnecessary will say that the numbers were higher before HIPAA or that we have no way of knowing what went on before HIPAA.  I would agree that we may not have similar “pre-HIPAA” survey results, but the having 84% of patient complaints dismissed demonstrates a fairly high level of compliance, a level that you might not expect if you thought providers were not concerned about patient privacy.
 
Given the large number of complaints that were facially invalid, I think you can draw another conclusion – patients have an unreasonable expectation of what HIPAA means.  I routinely get calls from individuals who want to sue for a violation of their “HIPAA rights”.  Many of these alleged violations are not violations.  Patients seem to understand HIPAA as an absolute moratorium on sharing PHI, but it is not.  This misunderstanding of their rights leads to a large number of frivolous complaints.  Perhaps patients need as much education as the providers.

Finally, the low number of investigated complaints weighs against the need for more enforcement of HIPAA.  In three years, there have only been 3700 violations of HIPAA requiring action. If the community is compliant at an 84% or better rate, OCR would be better off investing its enforcement dollars elsewhere.  The provider community appears to be doing much better than many estimated in its efforts to comply with HIPAA. 


        

News

Health Care

[08/15] Catalyst Pharmaceutical Partners Reports Second Quarter 2008 Financial Results
[08/15] Salmonella outbreak winds down; questions remain
[08/15] 6 get Legionnaires' disease in upstate NY; 1 dies
[08/15] NYC heroes lift bus off pregnant woman; baby saved
[08/15] NYC heroes lift bus off pregnant woman; baby saved
[08/15] Former half-ton man endures hard times in Nebraska
[08/15] AP Interview: Doctor behind executions speaks out
[08/14] University Hospitals Receives $22.6 Million Donation from Harrington and McLaughlin Families
[08/14] The National Kidney Foundation's 7th Annual Ronald D. Paul Companies Kidney Walk to be Held on Saturday, September 20
[08/14] Best Practice Database adds Research on New Product Launch
Read More

Web Resources

FindLaw
Thomson West
U.S. Courts
Westlaw
United States Chamber of Commerce
FirstGov
Legislative Branch
Library of Congress
White House
Internal Revenue Service
National Weather Service
Yahoo!Maps
YellowPages.com
New York Times
Newspapers Online
USA Today
Wall Street Journal
AOL
Google
Yahoo!Legal Blog Directory  

The information you obtain at this site is not, nor is it intended to be, legal advice. You should consult an attorney for individual advice regarding your own situation.

Copyright © 2008 by Home Care Law Blog Gilliland & Markette LLP. All rights reserved. You may reproduce materials available at this site for your own personal use and for non-commercial distribution. All copies must include this copyright statement.