Health-care workers are whispering in outrage that new federal privacy rules abolish sign-in sheets at doctor offices.
 |
 |
| (Daniel Marsula, Post-Gazette) |
|
Physicians fret that they can no longer use patient names when discussing a case with colleagues.
Religious leaders are telling congregations that the privacy rules will prevent them from shepherding their flock in the hospital.
Can this be true?
No.
The sweeping rules that went into effect yesterday were mandated seven years ago to keep patient records confidential. What followed was years of debate among doctors, hospitals, consumer groups, government officials and myriad interest groups affected by the proposed privacy rules. That spawned a confusing series of drafts and re-drafts of the voluminous regulations.
Confusion remains, even though the rules that went into effect yesterday were issued last year.
| |  |
| | |
More info
 Some changes you can expect.
Hospitals fear the rule may hurt charitable giving.
Under the new rules, health-care providers may disclose information without patient authorization so long as it is used for treatment, payment and health-care operations.
Some non-routine disclosures are permitted without authorization, such as reporting a communicable disease to a health department and some, but not all, research purposes. But providers must maintain a list of all these non-routine instances. The privacy rules give patients a new right to see this "accounting of disclosures."
For more information about the privacy rule, you can visit www.hhs.gov/ocr/hipaa/
If you believe your privacy rights have been violated, you can find information at www.hhs.gov/ocr/howto
fileprivacy.htm
| |
| | |
Sign-in sheets are fine; it's just that doctors shouldn't ask patients to list their health complaints. Doctors can still consult with colleagues, but should take reasonable precautions to prevent others from hearing. The new rule doesn't prevent clerics from looking at hospital directories, but does give patients a right to opt out of these listings.
The misconceptions that have cropped up with HIPAA, the Health Insurance Portability and Accountability Act of 1996, threaten to have a greater impact than the rules themselves.
"The biggest problem with HIPAA is the misunderstanding of HIPAA," said John P. Houston, privacy officer for the University of Pittsburgh Medical Center.
Among those who understand the rules, there's debate about their value.
Some hospital and health-care officials charge that the regulations add layers of paperwork and bureaucracy to guarantee privacy when that was already being protected. Some privacy proponents, on the other hand, herald the changes, saying privacy laws have been vague and lacked teeth.
When the privacy rules were first issued by the Clinton Administration, they required patients to give written consent for the release of all medical information. But health care groups argued this was unworkable and the final rules grant a large exemption for health information shared for purposes of treatment, payment and health care operations.
Consumer advocates disagree about whether the baby was thrown out with the bathwater during this process.
Some patient groups filed a lawsuit in Philadalphia last week to block implementation, charging that the law actually reduces patient privacy. But Charles Inlander, president of the People's Medical Society, a national consumer group based in Allentown, believes that"Every aspect of this is good for consumers. ... These rules put a lot of requirements on providers to make sure that they are truly recognizing that consumers have privacy rights."
There's no debating one thing: The rules have greatly increased a consumer's risk for suffering a paper cut.
Patients who visit the doctor, hospital and even the dentist this spring are receiving lengthy explanations in writing of their privacy rights and are being asked to acknowledge with a signature that they've received the notices. Those forms are in addition to the notices being issued by pharmacies, nursing homes, health plans and, in some cases, employers.
The University of Pittsburgh Medical Center has printed 700,000 copies of its four-page notice of privacy practices, which are being distributed to patients. While many people are simply tossing these in the trash, the fine print reveals important information for consumers.
Under the new rules, patients have a right to see and copy medical records, a right already granted by Pennsylvania law. If patients notice mistakes in their record, they can ask that changes be made.
The rules stipulate when patient information can be shared with others. Information can be shared among health-care workers caring for a patient and with insurers who pay for that care. But it cannot be given out to employers for personnel decisions or for use in marketing unless a patient approves it.
A patient's name, condition, religious affiliation and room number are typically kept in hospital directories accessed by switchboard operators. The new rules give patients a right to decide what, if any, information can be listed in these directories. This will affect news organizations and clerics, who rely on the directories to learn about patients in the hospital. They won't know about someone who doesn't want to be listed.
Patients have a right to ask health-care providers not to share information with friends and family. An AIDS patient receiving hospital care, for example, can ask that family members not be given any condition information. And patients have a right to request that providers communicate health information in more private ways -- asking a doctor to send it to a work address rather than home.
If patients believe their privacy rights have been violated, they can complain to a privacy officer at the facility or to the federal government. Providers could be fined $100 per violation and up to $25,000 per year for each requirement or prohibition violated.
Some violations could bring criminal penalties including up to $250,000 and 10 years in prison if the offenses are committed with the intent to sell, transfer or use protected health information for commercial advantage, personal gain or malicious harm.
While fines and penalties present a future concern, eliminating confusion remains a key problem today.
A government Web site for the Office of Civil Rights at the U.S. Department of Health and Human Services, which is responsible for fielding privacy complaints from consumers, includes 189 frequently asked questions about the rules. Those questions-and-answers are an attempt to eliminate misunderstandings, such as the suggestion made by some that hospitals can no longer have patient names on the covers of hospital charts.
"Of course they can have names on the chart," said Rick Campanelli, director of the office. "The question is, what are they doing with the charts? If you have charts on the wall in an area where visitors walk down the hall, all that needs to happen is that the names should face the wall."
Still, there are misconceptions.
One physician said that the new rules forced a dehumanizing touch at Sewickley Valley Hospital, where patients registering must take a number and wait to be called to the registration desk, as if they were at a grocery store deli. As the doctor put it: "A lot of this is very offensive to me, because the personalization of care is very important."
But a spokesman for Heritage Valley Health System, parent company of Sewickley Valley Hospital, said the change wasn't driven by the new rules, and federal officials confirm that the rules mandate no such thing.
Ann Mathias, compliance officer for Magee-Womens Hospital, said she spends time at work tamping down misunderstandings among employees about what the rules mandate. Then, she goes home only to get grief from neighbors who complain that a priest or rabbi has told them he won't be able to visit them in the hospital because of the privacy regulations.
"That's not true," Mathias tells them. "Some people have gotten very nervous about this."
Christopher Snowbeck can be reached at csnowbeck@post-gazette.com or 412-263-2625.
E-mail this story 
