HIPPA and Health Information Exchanges

Having electronic medical records makes it possible to transfer health information between healthcare providers using healthcare information exchanges. In the UK, there are various acts of parliament and professional regulations that protect patient data.

In the United States, various states are doing important work in developing healthcare exchanges. In the United States, the Health Insurance Portability and Accountability Act (HIPAA) was introduced in 1996. I was interested to learn a little more about how this interacts with the health information exchanges. A comprehensive answer to this question requires an assessment by a lawyer with expertise in relevant aspect of US law.

However I was interested to see what discussion was taking place about this interaction. There would be some lessons to be drawn from the UK perspective as well as other countries. I found this article by freelance healthcare writer Ken Terry. Terry had sought the opinions of healthcare lawyer David Harlow.

From this article it is clear to see that the interaction between HIPAA and healthcare information exchanges is complex. The United States has different laws in each state which add to the complexity. Some states have opt-in clauses for patients to opt-in to the exchange of their data in the healthcare information exchanges. Other states have opt-out clauses.

Another complicating factor is that sometimes patients want to opt-out parts of their information from being shared (e.g. specific diseases). However this is less straightforward when that information is contained within free text fields rather than structured fields.

My interpretation of this is that with structured fields, the information can be indexed and sorted more easily with automated processes. With free text fields, in the absence of sophisticated text analysis solutions, the data would have to be manually removed or possibly excluded from the transfer to guarantee that embedded sensitive information is not included in the transfer.

Anyhow my impression from reading this article and looking at some associated articles is that the interaction between laws which protect patient data and the confidentiality of this data and the exchange of healthcare information between healthcare providers appears to be quite complex.

Index: There are indices for the TAWOP site here and here

Twitter: You can follow ‘The Amazing World of Psychiatry’ Twitter by clicking on this link.

TAWOP Channel: You can follow the TAWOP Channel on YouTube by clicking on this link.

Responses: If you have any comments, you can leave them below or alternatively e-mail justinmarley17@yahoo.co.uk.

Disclaimer: The comments made here represent the opinions of the author and do not represent the profession or any body/organisation. The comments made here are not meant as a source of medical advice and those seeking medical advice are advised to consult with their own doctor. The author is not responsible for the contents of any external sites that are linked to in this blog.

Conflicts of Interest: *For potential conflicts of interest please see the About section.