[Med-privacy] sharing
Peter Marshall
pwm@comcast.net
Sat, 1 Oct 2005 11:23:03 -0700
--Apple-Mail-7--440072128
Content-Type: multipart/alternative;
boundary=Apple-Mail-8--440072128
--Apple-Mail-8--440072128
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
format=flowed
Privacy and Security Law Blog: Health Privacy Compromised, But When Is
It Okay To Share?
While not involving computer hackers, here's a story about an
old-fashioned invasion of privacy. The Kansas City Star reported on
September 28th that a University of Missouri hospital faces a
class-action lawsuit after allegedly releasing confidential medical
records for hundreds of patients to a company it hired to solicit
business. The suit was filed earlier this year on behalf of
approximately 800 patients with liver diseases, including hepatitis C.
The complaint alleges that records were turned over by University
Hospital's internal medicine chairman to a home health care provider
dba Option Care, who then allegedly called the patients in an effort to
sell them antiviral drugs and keep them in the hospital network. The
Option Care nurse who contacted the patients using the list from the
hospital stated that the calls were not for solicitation, but for
patient safety.
This complaint, whether valid or not, highlights the major privacy
concerns surrounding access to patients' medical records. The privacy
discussion reached a fever pitch in the build-up to the passage of the
federal Health Insurance Portability and Accountability Act, more
(un)popularly known as "HIPAA." HIPAA has been touted as a major step
in affording patients their proper privacy protections, as the law and
regulations outline the parameters and limitations in which providers
and businesses can access, share, and transfer certain protected health
information of individuals as well as security requirements. In fact,
one of the highlighted concerns leading up to HIPAA was access to
patient medical records by private companies for business solicitation
purposes.
--Apple-Mail-8--440072128
Content-Transfer-Encoding: 7bit
Content-Type: text/enriched;
charset=US-ASCII
<bold><fontfamily><param>Copperplate</param><color><param>FFFF,4444,0000</param><smaller>Privacy
and Security Law Blog: Health Privacy Compromised, But When Is It Okay
To Share?</smaller></color><smaller>
</smaller></fontfamily></bold><fontfamily><param>Lucida Grande</param><smaller><x-tad-smaller>While
not involving computer hackers, here's a story about an old-fashioned
invasion of privacy. The Kansas City Star
</x-tad-smaller><color><param>5555,5555,5555</param><x-tad-smaller>reported</x-tad-smaller></color><x-tad-smaller>
on September 28th that a University of Missouri hospital faces a
class-action lawsuit after allegedly releasing confidential medical
records for hundreds of patients to a company it hired to solicit
business. The suit was filed earlier this year on behalf of
approximately 800 patients with liver diseases, including hepatitis C.
The complaint alleges that records were turned over by University
Hospital's internal medicine chairman to a home health care provider
dba Option Care, who then allegedly called the patients in an effort
to sell them antiviral drugs and keep them in the hospital network.
The Option Care nurse who contacted the patients using the list from
the hospital stated that the calls were not for solicitation, but for
patient safety.
This complaint, whether valid or not, highlights the major privacy
concerns surrounding access to patients' medical records. The privacy
discussion reached a fever pitch in the build-up to the passage of the
federal Health Insurance Portability and Accountability Act, more
(un)popularly known as "HIPAA." HIPAA has been touted as a major step
in affording patients their proper privacy protections, as the law and
regulations outline the parameters and limitations in which providers
and businesses can access, share, and transfer certain protected
health information of individuals as well as security requirements. In
fact, one of the highlighted concerns leading up to HIPAA was access
to patient medical records by private companies for business
solicitation purposes.
</x-tad-smaller></smaller></fontfamily>
--Apple-Mail-8--440072128--
--Apple-Mail-7--440072128
Content-Transfer-Encoding: base64
Content-Type: image/ico;
x-unix-mode=0644;
name="www_PrivacyDigest_com.ico"
Content-Disposition: inline;
filename=www_PrivacyDigest_com.ico
AAABAAEAEBAAAAEAGABoAwAAFgAAACgAAAAQAAAAIAAAAAEAGAAAAAAAAAAAAOgoAADoKAAAAAAA
AAAAAAAqgSs8oC5tz2tJmk5Lt1191IA+tFB+yIJ82ZkWdjsZUTQnT1VQeHY5Wk88U1sQEUAXaxpp
wVx/6n5+24VbvmOo5KosgSwadBh5yYU7pkIGTQsMMQkTMxMWOBR1lDA8PhZCrEOCzIJn3WWH6I5o
0mk+jz4AYAECmgALgwshrCsMiRMOWAYFPgomcxSNtBlXWQ5ssHAzpzFz4n+5/Md3zHkCXgYHdwMA
qAURmQMLagoSmRQMhQkPjBM4sw2NzBVOgA42ZC8+u0h75Hh1z30QgiADYQYUmwcqrycYqRQEgQMN
eAQckC0fyis9wQeJ0Q5LjAxAji5pyWVq2FgqpAganwYIcgoJgQlOqEo6yisDrwkKmQYjnRxV1ktS
xg+EzgtAiAtGrT9sz3NiwC5QuwQnlQcCcQQ3izVzuHt343UcyBQQqwkNegoymSRxzhGQ0wtDkQ5W
wEF22opzty5RvQwQmgUCfANKn0t1wnl0v4BKvTManAsCjAgKoQxrwwulzwxKkg14z2Rq0HBBng4l
lgwDiAYPgAd+xo5wrmU8kSAXkRQDigQgvR0RrwxVvQeQ0Q48hw0/lDMsrxsurwshiA4OexAwtzlF
yVFCu0QytCkvvyxDyUoijSsIbAcfnQs3tQsafxAEPAoxmhU6mCEncRgNQwhSnV5u4nR/65eT86py
03w2oToFaQYqnA4inRUkrgwafw8WNQtvnhhVlyItgBwMQQUDNQYzjTc2kkY8my8RXA8LZQMNgAYt
qhdgvQ5ixwk6iAwpKA+GhxtFfBwOWRIfXBsfXh8MVhATWx4bYx4PVg08lzI7qhwslRRJnRJfuxYv
fQgaFRhKVR0jVBo0XylEbis8gCQhWCdalFBellEcZBQ6lSxpuCJ7rB1Onx1LqQoteQcOCSk4NTk/
QTlYUCtcUjc7SCcoQhlCbB9PfyZCeyg9dCGBoCeYlx16kxt2oR01Ww4LDD0XEUAUCT0TESkQDSkJ
CCoMExUWEiMbHBQaIhoNFhscKA8iJQgkJQ8eKgkTIxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
--Apple-Mail-7--440072128
Content-Type: multipart/alternative;
boundary=Apple-Mail-9--440072127
--Apple-Mail-9--440072127
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
format=flowed
Privacy Digest 9/29/05
--Apple-Mail-9--440072127
Content-Transfer-Encoding: 7bit
Content-Type: text/enriched;
charset=US-ASCII
<fontfamily><param>Copperplate</param><color><param>7777,7777,7777</param><smaller><smaller><x-tad-smaller>
</x-tad-smaller></smaller></smaller></color><color><param>FFFF,4444,0000</param><smaller><smaller><x-tad-smaller>Privacy
Digest</x-tad-smaller></smaller></smaller></color><color><param>7777,7777,7777</param><smaller><smaller><x-tad-smaller>
9/29/05 </x-tad-smaller></smaller></smaller></color></fontfamily>
--Apple-Mail-9--440072127--
--Apple-Mail-7--440072128--