159867 Educating Patients and Providers about HIPAA and State and Local Privacy and Security Practices, Policies and Laws

Wednesday, November 7, 2007

Linda L. Dimitropoulos, PhD , Survey and Computing Sciences, RTI, International, Chicago, IL
Stephanie C. Rizk, MSc , Survey Research Department, RTI, International, Chicago, IL
David Harris, MPH , Survey Research Division, RTI International, Research Triangle Park, NC
The Privacy and Security Solutions for Interoperable Health Information Exchange project coordinated 33 states and Puerto Rico to assess the variation in privacy and security related business practices, policies, and state laws that might impede the electronic exchange of electronic health information. Stakeholders in the 33 states and Puerto Rico reviewed 18 health information exchange scenarios including 2 related to public health and biosurveillance. The results of the analysis indicate that one of the foremost barriers to the electronic exchange of data between health care organizations is disagreement on what kinds of information can be shared with whom and for what purpose. This is complicated by multiple interpretations of the HIPAA privacy rule and a lack of awareness of relevant state privacy law which is difficult to find and frequently misinterpreted by the oragnizations and providers needing to exchange information. This frequently leads to patient data not being exchanged as needed. One solution to these issues is to educate both healthcare consumers and organizations about the HIPAA provisions and the specific requirements that a given state imposes above and beyond HIPAA. Patients specifically need to better understand their rights and responsibilities with regard to their health information. Recommendations for consumer and patient education will be made along with discussion of the risks and rewards to consumers of moving from paper-based to electronic health information exchange.

Learning Objectives:
By the end of the session the participant will be able to: • Describe differing policies concerning appropriate information use and disclosure between entities • Gain knowledge of the misunderstandings concerning circumstances and extent of disclosure • Discuss a framework for educating consumers about HIPAA and State Law privacy protections

Keywords: Health Information, Privacy

Presenting author's disclosure statement:

Any relevant financial relationships? No
Any institutionally-contracted trials related to this submission?

I agree to comply with the American Public Health Association Conflict of Interest and Commercial Support Guidelines, and to disclose to the participants any off-label or experimental uses of a commercial product or service discussed in my presentation.