tag:blogger.com,1999:blog-16774010.post5472109810012100516..comments2024-01-25T17:58:34.297-05:00Comments on Scott's Web Log: George Clooney & Patient Privacy RightsScott Shttp://www.blogger.com/profile/03286529314567223617noreply@blogger.comBlogger11125tag:blogger.com,1999:blog-16774010.post-38737673706665652432008-02-08T23:21:00.000-05:002008-02-08T23:21:00.000-05:00"They were suspended because Clooney is a celebrit..."They were suspended because Clooney is a celebrity, but if the same thing happened to an average person, I suspect they wouldn't have even been reprimanded."<BR/><BR/>How right you are. I am the average person. My ex-wife works in my doctors office and helped herself to my medical records and relayed info to her attorney. A few months later she accessed the records of a friend of mine and relayed that info to her attorney. Also the daughter of my friend.<BR/><BR/>I contacted OCR and they just blew it off. I contacted Willis Knighton Hospital and they accused me of mudslinging. I even contacted my doctor, and was informed how to go about finding another doctor.<BR/><BR/>comments or questions you can reach me at dccarney@juno.comAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-16774010.post-40732695606345477812007-10-12T18:30:00.000-04:002007-10-12T18:30:00.000-04:00Look up "Richard Gibson" ID theft HIPAA Seattle Ca...Look up "Richard Gibson" ID theft HIPAA Seattle Cancer Care Alliance and read about the penalties.<BR/><BR/>HIPAA isn't a joke - but it's up to the hospital administrators to enforce it approriately; have the correct privacy officers running the program, etc.<BR/><BR/>As for George Clooney's attitude - wait until they release information he doesn't want told about him and then his attorney's will have a much different approach.<BR/><BR/>HIPAA is to protect everyone's privacy - he is setting a bad example for those that work to enforce these laws/rules and for those nameless patients that expect the appropriate handling of their protected health information.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16774010.post-89252688467680714752007-10-12T09:03:00.000-04:002007-10-12T09:03:00.000-04:00Let me just add that even if a person is the victi...Let me just add that even if a person is the victim of an violation of the HIPAA Privacy Rule, the law does not give people the right to sue. Instead, individuals must file a written complaint with the Secretary of Health and Human Services via the Office for Civil Rights. It is then within the Secretary's discretion to investigate the complaint. HHS may impose civil penalties or criminal sanctions (with corresponding prison terms) may be enforced by the Department of Justice. But aince the Privacy Rule went into effect, HHS has focused on a complaint-driven process that relies on voluntary compliance with the law. So far, even though over thousands complaints have been filed, not ONE civil monetary penalty has been issued! That's a really lame excuse for patient protection, especially if we're not even enforcing the rules on the books.Scott Shttps://www.blogger.com/profile/03286529314567223617noreply@blogger.comtag:blogger.com,1999:blog-16774010.post-14723542159821288262007-10-12T08:41:00.000-04:002007-10-12T08:41:00.000-04:00Once again, I think you are overstating the belief...Once again, I think you are overstating the belief that §164.526 offers full protection. While it does require "covered entities" to document the titles of the persons or offices responsible for receiving and processing requests for amendments by individuals and retain the documentation as required by § 164.530(j), it frankly does very little to help a victim of medical identity theft to resolve those issues other than to enable where the theft occurred. Clean-up can be time consuming, messy and frankly, we should be ashamed that this is called a patient "protection" when compared to the Fair Credit Reporting Act, which outlines specific timeframes and specific procedures that disputes must be addressed. Sorry, I do not agree that this adequate, and much, much, much more needs to be done.Scott Shttps://www.blogger.com/profile/03286529314567223617noreply@blogger.comtag:blogger.com,1999:blog-16774010.post-62342383342497532332007-10-12T00:40:00.000-04:002007-10-12T00:40:00.000-04:00Scott, once again, you need to look at HIPAA a lit...Scott, once again, you need to look at HIPAA a little closer - specifically §164.526 that gives a consumer the right to view and request amendment of their medical records. There are some exceptions but they don't apply in normal and usual situations. For instance, if you're just pissed that your BG came in too high at 250, you can't compel the provider to change it to 150 when it fact it WAS 250. However, if they note 250 and you have the copy of the lab work that shows it was indeed 150 you can request that amendment.<BR/><BR/>I pointed this out to you on DTF a couple of years ago and I'm a little dismayed that a well-informed, well-educated, well-intentioned man like you is still spreading this misinformation. :-(Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16774010.post-40642986947436025042007-10-11T18:07:00.000-04:002007-10-11T18:07:00.000-04:00I know of several UPMC employess (big hospital cha...I know of several UPMC employess (big hospital chain in Pittsburgh) who were fired for looking up records on Ben Roethlisberger of the Steelers. Privacy does not exist in this age. You can bet that your insurance agency, employer or neighbor can find out anything they want about you if they tried.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-16774010.post-42440966130404051812007-10-11T13:53:00.000-04:002007-10-11T13:53:00.000-04:00Medical privacy is such a dicey subject - it needs...Medical privacy is such a dicey subject - it needs to be open enough for the free flow of information in diagnosis but closed enough so your employer can't use it against you for example. When my uncle was dying from brain cancer trying to get his medical records from NYU to Sloan was near impossible and that defeats the purpose of medical privacy.<BR/><BR/>Scott - would love to talk to you more about NYC endos as it seems you have more knowledge about them than anyone - could you shoot me an e-mail at edward.liebowitz@bbh.com so I could ask you a couple questions.<BR/><BR/>Thanks!Wingmanhttps://www.blogger.com/profile/00867789638868481704noreply@blogger.comtag:blogger.com,1999:blog-16774010.post-48450094329277460652007-10-11T08:15:00.000-04:002007-10-11T08:15:00.000-04:00Anne, thanks for your input. From my own perspect...Anne, thanks for your input. From my own perspective, I would say that we need not agree with all of Dr. Peel's perspectives to agree with the overall perspective that HIPAA provides relatively little protection to individuals and needs to be revised. As you note, it HAS increased the level of care given to medical records, but when we compare the level of control we as individuals have regarding our medical records to say, your personal credit report, not only do we not have the level of controls afforded with the Fair Credit Reporting Act (FCRA), but there is no way to even dispute a discrepancy if one should exist, nor is there a law outlining procedures for resolution.<BR/><BR/>HIPAA was implemented at the last minute because there was public outcry about the lack of privacy provisions, but the practical reality is that aside from the threat of a fine for violating HIPAA provisions, there have been a total of 3 fines imposed during 2007, in spite of over 250,000 complaints -- three!!!<BR/><BR/>We need to revisit the privacy rules and examine them not only from the patient perspective, but from the healthcare providers' perspective and give it more serious consideration to the practical impact these rules have from all parties' perspectives. A last-minute addendum to the Health Insurance Portability Act has not really addressed the host privacy concerns in a way that makes really anyone happy!Scott Shttps://www.blogger.com/profile/03286529314567223617noreply@blogger.comtag:blogger.com,1999:blog-16774010.post-86089353822559183192007-10-10T21:46:00.000-04:002007-10-10T21:46:00.000-04:00Okay I have to say they got the reality of HIPAA r...Okay I have to say they got the reality of HIPAA right. From their website:<BR/><BR/>"Healthcare providers over-reacted and misread the rule. Hospitals quit labeling nursery cribs with names of newborns (or even closed curtains) for fear of violating the family's medical privacy. Drug store customers now wait in distant lines so pharmacists cannot be overheard describing side-effects to customers. Friends cannot send flowers to patient's rooms, pastors fear informing congregations about members in the hospital, and some doctors believe they can no longer communicate with other doctors caring for the same patient. Newspapers cannot name people who are injured or describe the state of their health."<BR/><BR/>I've definitely seen these sorts of thing happen. On the other hand, our computer systems have become much tighter with tight security due to HIPAA, for example. My experience is limited to my own department.Anne Findlayhttps://www.blogger.com/profile/03005305831235654057noreply@blogger.comtag:blogger.com,1999:blog-16774010.post-78783158910563890832007-10-10T21:35:00.000-04:002007-10-10T21:35:00.000-04:00Working in the medical field, I have to take excep...Working in the medical field, I have to take exception to some of the points made by Dr. Peel, at least from my observations.<BR/><BR/>HIPAA is not a joke. Since it was implemented, security of medical records where I work has increased significantly, to the point where it sometimes if not often can even interfere with doctors who are trying to coordinate care of a patient. Yeah it is a disclosure/exposure rule which naturally leads to increased privacy, at least in many circumstances.<BR/><BR/>If the law were increased to restrict any communication of medical records without explicit consent of the patient, patients would suffer. Most patients don't realize what doctors do behind the scenes to coordinate their care. I am talking about things like surgery or other medical procedures, rather than a routine visit with the family doctor.<BR/><BR/>Also, regarding point 2: the average person is of no interest to the media. I would also be very skeptical of the rest of the claim as well. What proof of this is there?<BR/><BR/>That being said, I don't want my medical info out there as much as the next person, but then again, it's pretty much out there since I discuss having diabetes on my blog. If I were so concerned with pertinent medical info being public information, I would not publicize my most costly medical condition.<BR/><BR/>Just my 2 (or 3) cents.<BR/>-AnneAnne Findlayhttps://www.blogger.com/profile/03005305831235654057noreply@blogger.comtag:blogger.com,1999:blog-16774010.post-58485556977471448492007-10-10T16:12:00.000-04:002007-10-10T16:12:00.000-04:00Scott,Awareness needs to come from the patient. I ...Scott,<BR/><BR/>Awareness needs to come from the patient. I had written about the impact of online medical information systems and privacy a few days ago on my blog - http://srirambala.com/?p=278<BR/><BR/>There are a number of steps one can take with HIPAA, but it is so cumbersome that people give up and ask, "Why bother?".Shamanhttps://www.blogger.com/profile/16312568767058649117noreply@blogger.com