HIPAA - The Intent
The Health Insurance Portability and Accountability Act of 1996 (HIPAA) began as a “portability act” to help individuals keep their health insurance coverage as they moved from one job to another.

HIPAA evolved to include much more than portability. It is a complex set of rules that cover patient privacy and the use of information technology to transfer your medical records.

Lawmakers began nearly a decade ago to try and blend the ancient ethical tradition of patient privacy with the health information technology advances that can save lives and reduce costs.

Doctors now can help evaluate and treat patients in rural hospitals hundreds, or thousands, of miles away via satellite imagery and internet connections. Insurers can cut their costs for claims processing and treatment providers can reduce some medical errors using electronic records.

Congress intended for the HIPAA Privacy Rule to bring the healthcare industry into the 21st century while saving citizens billions of dollars.

HIPAA - The Reality
HIPAA produced absurd results because patients were no longer asked what medical information they wanted shared and what information they wanted to be kept private.

Barriers were created that patients didn't want, and access was granted to private corporations, individuals and government agencies that patients would never have agreed to.

Healthcare providers over-reacted and misread the rule. Hospitals quit labeling nursery cribs with names of newborns (or even closed curtains) for fear of violating the family's medical privacy. Drug store customers now wait in distant lines so pharmacists cannot be overheard describing side-effects to customers. Friends cannot send flowers to patient's rooms, pastors fear informing congregations about members in the hospital, and some doctors believe they can no longer communicate with other doctors caring for the same patient. Newspapers cannot name people who are injured or describe the state of their health.

The Privacy Rule Became The Disclosure Rule
Patients were required to sign new "Privacy Forms" effective April 14, 2003, which gave the illusion that their records were, well, private.

Opening The Doors To Thousands
"Regulatory permission” opened the door to all “covered entities”, “business associates” and affiliates to use and disclose an individual’s personal health information regardless of his or her wishes. Covered entities include more than 600,000 health plans, health data clearinghouses, doctors, health professionals, hospitals, labs, pharmacies, self-insured businesses, and health and life insurers. Business associates include any businesses that "covered entities" contract with, such as accounting firms, banks, printers, and law firms.

See examples of who can see and use your medical records.

People Are Avoiding Healthcare
Some individuals have begun avoiding health care services altogether and withholding sensitive information from their doctors that may be necessary for effective health care. This “self preservation” behavior is typical of individuals who believe that their medical privacy is threatened. (65 Federal Register at 82,467-68)

Complaints Are Being Filed
By 2005 the federal government received about 10,000 complaints of violations of the Rule. The largest percentage of the complaints were due to inappropriate uses or disclosures and inadequate safeguards. There has been only two convictions for violating privacy, one being a case of identity theft.