New Legislation Addresses Patients’ Privacy under HIPAA
There’s been a lot of controversy in the news lately surrounding mental health, specifically where patients’ rights to privacy are concerned. With every new report of a horrific crime, it’s natural for the public to look for an explanation; all too often, unfortunately, the explanation turns to mental illness, and the rallying cry for reduced medical privacy rights begins all over again.
The fact of the matter is that the headline news is only representative of a miniscule portion of the population that is affected by a mental illness diagnosis. Advocates who work to protect citizens’ medical privacy have argued that releasing a patient’s mental health information would be like denying privacy rights to all patients who have the flu, simply because someone committed a crime while suffering from flu symptoms. Now, the House has passed a new piece of legislation aimed at protecting the privacy rights of all patients, and makes certain that mental illness is understood to be covered under HIPAA and other medical privacy regulations.
The House bill, H.R.2646 - Helping Families in Mental Health Crisis Act of 2016, also addresses a number of other concerns involving mental health, including expanding coverage under Medicaid for mental health treatment, altering the number of covered days for in-patient treatment, clarifying what can be shared with the caregivers of a mentally ill individual, and establishing a new position within the government to oversee the ever-evolving understanding of mental health treatment protocols, among other things.
But some of the chief victories for individual privacy concerns the liability of healthcare providers and volunteers, and the limitation on what medical information can be shared with someone other than the patient. Just as a doctor cannot call up your friends or family members and share your reproductive health data or your disease history, for example, they will no longer be able to share mental health information with outsiders without the proper circumstances in place.
HIPAA regulations are certainly a minefield for identity theft concerns, as too many doctor’s offices and medical centers have already found out. These facilities are prime targets for hackers who want to employ ransomware attacks, knowing that some hospitals will opt to pay the ransom to unlock their networks in order to avoid the hefty fines associated with having a hacker carry out the threat of dumping their patients’ private, protected information onto the internet.
Anyone can be a victim of identity theft, anyone can use our services, and anyone can help us help others. If you found this information useful, please consider donating to the Identity Theft Resource Center to help us keep our services free to the public.