Congress races to meet privacy law deadline
Congress races to meet privacy law deadline
Failure could turn responsibility over to bureacrats at the Department of Health and Human Services
Congressional efforts to beat this summer’s deadline for passing medical record confidentiality legislation suffered a setback last week when the Senate Committee on Health, Education, Labor, and Pensions postponed consideration of the issue until June 9.
That gives Congress only a few short weeks before and after the July 4th recess to settle the outstanding issues. If Congress fails to pass a bill, the Health Insurance Portability and Accountability Act (HIPAA) of 1996 will pass the torch to the Department of Health and Human Services (HHS), which would have until next year to come up with final regulations on its own. "They are busy drafting those regulations as we speak," says Don Asmonga, government relations director at the Washington, DC office of the Chicago-based American Health Information Management Association.
One major stumbling block that surfaced last week was an effort by Sen. Ted Kennedy (D-MA) to make it harder for health care investigators to acquire patient medical records. "The current drafts still allow law enforcement to use tools that don’t require judicial oversight such as an administrative subpoena," explains Kennedy aide Jim Manley. "There are also no limitations on the use of the information that is gathered."
The Department of Justice (DOJ) is trying to avoid those restrictions. John Bentivoglio, Special Counsel for Health Care Fraud at DOJ, recently told the same committee that in many cases DOJ’s ability to investigate and prosecute serious crimes — including health care fraud — will turn on its ability to obtain "individually indentifiable health information in a timely and appropriate manner." As an example, he cited the need to conduct "a comprehensive review of patient medical charts" in a potential investigation of a hospital suspected of billing health insurance plans for services that were never provided.
Among the three bills currently vying for the top spot, only the one sponsored by Sen. Patrick Leahy (D-VT) would require law enforcement officers to obtain a court order before gaining access to medical records. Leahy’s bill would also prohibit law enforcement agencies from using medical records as part of any centralized law enforcement database. The other two front-runners — bills sponsored by Sen. Robert Bennett (R-UT) and Sen. Jim Jeffords (R-VT) — would give law enforcement much wider latitude.
But that’s not the only issue that has Congress stymied. Another key issue is whether or not the bill passed by Congress should override existing state privacy laws. The bills sponsored by Bennett and Jeffords would essentially blast existing state laws, but Leahy’s bill would not. Multi-state health care providers say a patchwork of state and federal regulations in this area would spell disaster. Already, they point out, the draft bills each approach 100 pages. And that’s before HHS turns those laws into regulations.
A third issue is "private right of action," says Asmonga. "The Democrats want a private right of action where somebody could sue an institution for wrongful disclosure of health information," he reports. "But that is something that is going to be a tough sell in the Republican conference."
At the moment, it’s anyone’s guess whether Congress will sort these issues out in time to meet the Aug. 21 deadline. If it doesn’t, federal lawmakers might try to extend their deadline until the end of the year but the Clinton Administration could always eliminate that option with a Presidential veto.
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.