Baby ‘HIPAAs’ vexing healthcare organizations
June 27, 2015 in Medical Technology
June 18, 2015 AT 4:59 PM
Fifty states plus the feds makes 51 sets of privacy rules many healthcare organizations have to take into account as they manage their digital information. Not surprisingly, one stakeholder insists, with great insistence, that it’s time for things to change. What prompted his outburst was some time reading through the comments on ONC’s recently released Interoperability Roadmap. “Some were clearly worried about data being misused. Others were concerned about liability. Still others fretted about the costs of compliance.
A common thread concerned the challenge of observing the federally-mandated HIPAA rules and fifty different state “baby” HIPAA rules. HIT vendors have long since adjusted to this maze of regulations – but not without cost.” For guidance, he suggests the healthcare sector look to the banking industry, which, “more than 70 years ago . . ., confronted by 50 different state regulatory schemes, took direct action. They eventually convinced all of the states to enact a regulatory regime called the Uniform Commercial Code (UCC).”