Privacy Laws are Nothing to Brag About

Privacy Laws are Nothing to Brag About

Vijai P. Sharma, Ph.D

There is a lot of hype regarding the added protection of your private and confidential medical information under the new Health Insurance Portability and Accountability Act (HIPAAA). Are we really so much more protected now? The fact is that under the new act, we gain some and loose some.

Weighing all pluses and minuses of HIPAA, arguably, we have received added protection pertaining to medical treatment information. As regards the behavioral health information, we have arguably lost protection of highly sensitive, private and personal information. Note, the operative word here is "arguably." There are no clear winners or losers.

Since the information about the pluses has been widely publicized, this article will exclusively focus on the minuses of this act.

The devil is in the details. Without knowing the details, I might feel well protected when told that no one has access to my medical records except the "covered entities," that is, the individuals and agencies covered by this act. Only the "covered entities," no one else! Sounds great, doesn't it? But, there is a slight problem, here. There are 600,000 of these "covered entities" in the United States! Theoretically, they all can get access to your medical information!

So, how come we have six hundred thousand "covered entities" in the country? Are they all physicians, counselors and other allied health professionals? Sure, some are. But the list doesn't stop there, it goes on to include everyone who is in some kind of "health related business."

Being of non-suspecting nature, you might say, "Oh, health related business. You mean like my health insurance? That should be all right. They have to know in order to pay my doctor." But the "buck doesn't stop here." Health related businesses include even those in health-related marketing, sales, advertising and even some others. Are you beginning to see the big picture?

Everyday, I receive several e-mails soliciting me to have my prescriptions filled or to buy other medications online. These unsolicited commercials run along these lines, "Too depressed to go to a doctor? Our doctors will prescribe Prozac, Zoloft, Paxil, Celexa or whatever antidepressant you need." The same commercial gives a pitch for Viagra and pills for high blood pressure, high cholesterol and so on.

Big corporations were already in our homes even before the HIPAA came into effect. They tempt me with the convenience of it all. They will have their doctor, who has never seen me, write me a prescription and voila! In next few days the medication arrives at my door. Would HIPAA make it worse? You bet. Marketers will be able to precisely target potential consumers and make their message leaner, sharper and more effective.

Here is how. Up until now, advertisers didn't have specific health information about prospective consumers. Shooting in the dark, they were sending generic messages covering major medical problems such as high blood pressure, cholesterol, depression, erectile dysfunction, etc. hoping something would get your attention.

As a "covered entity", a lot of corporations, as part of gargantuan electronic information networks, will be privy to a lot of your health and other personal information. They can precisely target individuals and personalize their sales pitch.

The problem is big enough to be on the "green list" of somebody. Even a bigger problem is to be on the "black list" of somebody. Corporations naturally want to increase their profit and cut their losses. A black list, or in health lingo "high risk individuals," is a potential means for a variety of corporations and agencies to cut their losses.

For example, it's not inconceivable that an auto insurance company joins some type of health related business to gain information about alcohol and drug related treatment to flag against high-risk applicants.

Homeland security, the FBI and many other law and order agencies have greater access to your information than they had prior to the enactment of the HIPAA.

Here is another way in which protection is reduced: In the pre-HIPAA, days, when mental health clients authorized counselors to release records to Dr. X, Dr. X could review the records. Dr. X could not release your records to anyone outside his or her clinic because the law said, "Re-disclosure of this information is prohibited by federal law." Now, law permits re-disclosure of the information.

Understand that when you sign a release to a health professional, hospital or a clinic to receive your information, they can re-disclose it to other covered entities such as public health agencies, researchers, drug companies or even fund-raisers without your specific permission.

If you want complete control over your intimate and sensitive personal information for counseling, it is better to pay cash, not claim insurance benefits and tell your mental health professional that you don't want to release your information to anyone. Then you have real protection.

Return to Self Help 

Copyright 2003, Mind Publications 
Posted May 2003


Click for Dr. Sharma's credentials
Dr. Vijai Sharma
Your Life Coach
By Telephone

Feedback- Let us know how we are doing

Terms and Conditions

Web site designed and maintained by Chanda Taylor