In the free section of WSJ online, there is an excellent column written by a doctor complaining about the bureaucratic nonsense associated with HIPAA:
[W]e still don’t have a free flow of information and computer system interoperability that the law was supposed to foster, but we do have the hassle and expense of dealing with the privacy parts. And in my view, protection of patient privacy between doctors, and doctors and hospitals, wasn’t a problem that needed solving before HIPAA.[...]
Many factors went into the decision to go electronic, but one of the primary ones was HIPAA. I didn’t feel I could properly safeguard paper charts and keep any kind of audit trail about who accessed the charts when they were paper. The electronic medical record allows me to limit access for certain personnel and track who has opened a chart — both concerns under the HIPAA privacy provisions.[...]
My partner tried to get a medication list from the county mental health department for a suicidal patient we had called into the office recently. Her request was rebuffed by the staff because we didn’t have a signed consent form. The patient really wasn’t thinking logically enough to consent to anything at that point and she wasn’t in our office to sign a form.
You’d think that there would be some sort of safe-harbor provision in the law to permit sharing of information between doctors in emergency situations where the patient and/or his legal designees are unable or unavailable to give consent.
I’m glad that individuals have some stringent privacy protections when it comes to health matters. I wish stringent protection was available for other personal information. However, in an emergency situation, of course I want my information shared with the appropriate medical folks.
I don’t want “privacy act bureaucracy” to be shown as my cause of death on my death certificate!