Among the various things HIPAA did was establish national standards for the protection of "private health information." And this blog notwithstanding, am as down with privacy as the next person -- probably more so. I certainly don't want my health care providers selling my health information to, say, Wal-Mart so that I can get customized coupon books for protein drinks or anti-nausea medications or whatever it is that cancer patients need.
But when it comes to HIPAA, the gap between theory and intent on the one side and practice and execution on the other is much (much, much) broader than it should be.
Less so now, but for quite a few years, a significant part of my job was the negotiation of contract provisions designed to ensure the parties' compliance with the HIPAA requirements. It always struck me as odd how much disagreement there could be between reasonable parties operating from similar positions over what HIPAA requires.* But I figured we were at least working together to protect patient privacy.
Yeah, not so much. Now that I'm a patient I'm learning that more than protecting me, HIPAA just creates hassles and annoys me. Layers of permission are needed for the simplest transaction, and it's far more challenging than it should be to communicate with a doctor. It would seem providers are no longer allowed to send me email. Instead, they send me email instructing me to create an account within their private, HIPAA-compliant web sites. Then, when they want to send me a message, they send me a message telling me that I have a message in their system. Log into the system and find the message, and it turns out not to be a message. Rather, it's a notice that some page on their website has been updated with new information for or about me. So then I've got to find the update webpage.
Add in the weird idiosyncrasies of each provider's individual system (like the insane layers of password "maintenance" requirements) and it becomes an ordeal to communicate with your doctor. And while I don't really trust Google not to go trolling through me email archive for information I'd rather they not have, there has got to be a better way for doctor and patient to communicate.
Like maybe smoke signals...
* For some reason HIPAA negotiations always made me think of the Bugs Bunny cartoon wherein Daffy Duck falls victim to "pronoun trouble":
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.