Does HIPAA really protect our privacy?

As my head reels at the implications of the IRS scandal mushrooming in Washington, the IRS’s recently disclosed ability to access emails without warrant, the intricacy of the NSA PRISM wiretap techiques that includes their ability to acquire tech firms’ digital data, and even the Justice Department’s ability to secretly acquire telephone toll records from the Associated Press, I wonder (as a doctor) what all this means for the privacy protections afforded by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in our new era of mandated electronic medical records.  Are such privacy protections credible at all?

It doesn’t seem so.

Now it seems everyone’s health data is just as vulnerable to federal review as their Google search data.  This is not a small issue.  We have already seen that discovering “leaks” of personal health information has produced some very handsome rewards for the feds, so it is not beyond reason to think that HIPAA might also be a funding tool for our government health care administration disguised as a beneficent effort to protect the health care data of our populace.

But even more concerning is the role the IRS scandal has for America’s health care system.  After all, the Affordable Care Act is ultimately funded by the IRS by administering some 47 tax provisions.  These include the right to levy a penalty against businesses and individuals who don’t provide or acquire insurance and determining how to distribute annual subsidies to 18 million people who make less than $45,000 a year and thus qualify for subsidies in buying health coverage. In addition, the agency will collect taxes on medical devices and a surtax on people making more than $200,000 a year, as well as conducting compliance audits of tax-exempt hospitals.

We are left to wonder: given the IRS’s recent actions in favor of one political party, could other aspects of our evolving health care system be similarly politically targeted?  What if the government agencies turn a disapproving eye on physician-run hospitals or independent concierge medical practices?  What if the market place emergence of a two-tier health care system is systematically crushed?  For these types of concerns we instinctually rely on a fair, beneficent government, but these latest revelations challenge that assumption.

To the political class, the ends always justifies the means.  Now, we’re seeing that the means includes stealth digital tracking, e-mail browsing, and wiretaps.

Health care data protection by HIPAA?


We should think about the far-reaching implications of what we’re seeing from our government agencies as we turn the reins of health care financing over to them lock, stock, and barrel.  Perhaps Peggy Noonan said it best:

What does it mean when half the country—literally half the country—understands that the revenue-gathering arm of its federal government is politically corrupt, sees them as targets, and will shoot at them if they try to raise their heads? That is the kind of thing that can kill a country, letting half its citizens believe that they no longer have full political rights.

Those who think this is just business as usual are ahistorical, and those who think nothing can be done, or nothing serious should be done, are suffering from Cynicism Poisoning.

In the blink of an eye, HIPAA privacy protections now seem small.

Very, very small.

Wes Fisher is a cardiologist who blogs at Dr. Wes.

View 6 Comments >

Most Popular

Get KevinMD's 5 most popular stories.