HIPAA Protected Health Information: Who Benefits?

by Carter Brock
File under: Fake Freedom21 Sep 2014 19:25 EDT

It's something worth trillions of dollars. You could be handling it everyday, not even realizing the valueProtected Health Information, Medical Records. With healthcare employing nearly 12% of working Americans (a figure only expected to increase in coming years),it's likely that many readers have encountered these golden nuggets in their professional lives. But be careful. One moment of carelessness, any minor trespass against HIPAA's serpentine privacy regulations, could have major consequences for your finances or career.

Like most modern legislation, the original 1996 HIPAA act is a swollen Frankenstein's monster of stitched-together provisions, though the appendage regarding medical record privacy is what most people associate with the law. Exposing any bit of personal identificationpaired with the healthcare services provided constitutes a HIPAA offense. One general interpretation is that even stating a given person is a patient at X medical clinic would count as a HIPAA violation. Break this law and you'll face both civic and criminal penalties (large fines and some jail time). You're also guaranteed to lose your job if you work in the field.

And why not? There are numerous reasons why people would prefer that their health information was kept closely guarded. Health-related matters can be emotionally charged, or perhaps embarrassing. On the surface, HIPAA appears to be an important act of consumer protection. But stepping back to look at the bigger picture, the pieces of this explanation do not really add up.

The first incongruity is that privacy is no longer held sacred. In this era of the Patriot Act and electronic surveillance systems, when it's commonly understood that nothing we do online goes undocumented and Facebook's CEO contends that privacy is no longer a social norm, it seems strange for so much emphasis to be placed on this particular aspect of privacy. Our legislators have proven time and again that privacy (for citizens) is seen as unimportant, so claiming that HIPAA exists to protect individual privacy sounds more than a little hollow.

Next, consider how the modern legislative process operates. Law makers are responsive to political donorsbig business and lobbyists, who are allowed to essentially write legislation for their own advantage. The best interests of ordinary constituents are sacrificed at every turn, something we see happen across every important industry. What, then, is the likelihood that legislators, seemingly out of the blue and out of the goodness of their own hearts, decided en masse to pass a bill designed to protect nameless, individual consumers? The odds are extraordinarily low.

What's really at stake here? If a random person has their health information exposed, what exactly have they lost? Oh, a bit of their dignity to be sure, but when has our (in)justice system ever shown respect for its subjects' dignity? This isn't the kind of thing that motivates the passing of laws in this country. No, follow the money and you'll find the answer, the thing HIPAA is really meant to protect: America's multi-trillion dollar annual healthcare industry.

In fact, U.S. healthcare itself is by some estimates the world's fifth-largest economy. Now there is something worth guarding. Like any good neoliberal ideal, the healthcare industry is a paragon of privatization. Everything is owned, everything is patented pharmaceuticals; medical devices, procedures, and treatments; lab tests; even large portions of the human genome. In such an environment, what was once our personal health history transforms into copyrighted, proprietary trade secrets.

It is this veil of secrecy that shields industry profit. From a scientific perspective, it is widespread access to information, a sort of open-source model, that leads to the greatest public benefit. The medical community can improve most efficiently when all the data is availablehow did certain treatments, drugs, and procedures affect certain demographics of people, afflicted by certain ailments? Locking away this information does nothing to improve medicine; it only protects monopolies of practice/treatment and preserves the financial status quo.

Notice the disconnect in language regarding HIPAA's privacy provision. These standards are set under HIPAA Title II and its “Administrative Simplification” rules, enacted to “improve efficiency and effectiveness of the health care system.” If patient concerns were so central to HIPAA's purpose, Title II would have been called something like "Patient's Rights and Privacy Protections". Instead, the privacy statutes are lumped in along with medical coding, insurance, and physician licensing regulations.

These are rules for moderating commerce within the healthcare industry, not for protecting patients.

Note that Title II outlines security standards which go well beyond mere privacy guidelines. It's not just that you can't disclose health information, it's that this information must literally be kept under lock and key. Healthcare patent-holders do not want their intellectual property to fall into the "wrong hands".

To elucidate the point, look at this explanation of protected health data from the Health and Human Services Department website:

“Individually identifiable health information” is information, including demographic data, that relates to:

  • the individual’s past, present or future physical or mental health or condition,

  • the provision of health care to the individual, or

  • the past, present, or future payment for the provision of health care to the individual

This is what's really important what afflictions do you have, how were they treated, and how much did you pay? HIPAA doesn't really care about preserving your anonymity. HIPAA cares about keeping treatment and the results of treatment away from the scrutiny of the scientific/research community. (And as far as payments, can't forget insurance and hospitals with their obscene pricing schemes).

Of course, all of this is framed as a “consumer protection”, though the lack of transparency ultimately harms patients instead. Medical researchers are kept in the dark, finding it exponentially more difficult to develop newer, better methods of practice (or abandon faulty practices),as this would be a threat to current profit-makers. Fortunes literally hang in the balance.

What have we learned from this HIPAA examination? Much like the Affordable Care Act, which ostensibly regulates insurance company greed while in actuality raising their profits by forcing more customers into their clutches, laws that are passed often have the opposite affect of their purported intent. We have to stay vigilant, and expect more fake legislation coming down the pipeline.


Follow us on Twitter
Friend's email:    Your email:  


Name: (optional)