August 5, 2016
You and your family’s medical records are being subjected to privacy breaches like never before. There’s a growing demand for your personal medical information. In 2012, statistics showed that pharmaceutical companies were spending 27 billion annually on drug promotion, so you can imagine what they’re spending now. You know they are constantly looking for new ways to market directly to doctors, maybe even bribe them, and influence consumer beliefs about their products.
Your sensitive medical information could provide pharmaceutical companies insight into the best approaches to market to you directly through your online browsing experience, on social media platforms, or through the mail. By collecting medical records en mass, pharmaceutical companies could strategically find ways to market to doctors and influence their prescribing practices.
New app helps enforce HIPAA, protecting patient privacy
This is why medical privacy is so important today. A new consumer protection app has is now available to the public, to inform consumers when their privacy has been breached. The new app, the HIPAA Helper tool, helps consumers search out cases when medical providers violate their privacy. When the Health Insurance Portability and Accountability Act (HIPAA) was established, it was intended to protect patient privacy, and this new app helps enforce the law.
According to Deven McGraw, deputy director for health information privacy at the Office for civil Rights, the agency received more than 17,000 privacy complaints in 2014. This number does not include the tens of thousands of self-reported privacy breaches of sensitive medical information that occur each year.
When privacy violations occur, medical providers are sometimes fined by the government and details are posted online. However, thousands of privacy violations get swept under the rug each year. The Office for Civil Rights of the US Department of Health and Human Services fields privacy breach complaints on a daily basis, but these cases are resolved outside public view. Medical providers are often just given a slap on the wrist, instructed to fix the problem and voluntarily make the changes.
With the help of ProPublica and the HIPAA Helper tool, consumers will be able to look into these privacy breaches more closely and see who the repeat offenders are. The app reveals “closure letters” that quietly ask medical organization to fix privacy issues. ProPublica has already unveiled the largest batch of these “closure letters” (300 of them) in the new app, shedding light on the constant privacy breaches taking place with medical providers.
CVS Health and the VA are the two biggest offenders
The two biggest offenders are the US Department of Veterans Affairs and CVS Health. These organizations received the most privacy complaints between 2011 and 2014 and were sent the most “closure letters” to fix the mistakes. Some of these mistakes required “technical assistance” or a full blown corrective action plan to fix the privacy breaches, revealing that there is something systematically wrong with their medical record keeping systems that allows for continued breaches of privacy.
Last fall, CVS commented, “We are never complacent about privacy matters and we constantly strive to address and reduce disclosure incidents by enhancing our training and safeguards. The VA stated that they take veteran privacy and the privacy of medical or health records “very seriously” but their words just aren’t enough when it comes to fixing the systematic errors that lead to violations of medical information privacy.
Other organizations that were warned about privacy breaches are the Kaiser Permanente, Planned Parenthood, and the military’s health care system. These breaches of privacy are not just simple mistakes either. The records show that oftentimes patients complained that the medical organization deliberately shared their health information without their permission. In many cases employees were accused of snooping in patient files. The Office for Civil Rights says that the most numerous privacy complaints fall into the categories: impermissible uses and disclosures, safeguards, administrative safeguards, access and technical safeguards.
This new app is a valuable tool for tracking and holding accountable the medical organizations that are compromising your medical information and personal privacy.