The HIPAA Privacy Rule: Flawed Privacy Exposed When Compared with the European Union’s General Data Protection Regulation

Clifford J. McKinstry

Abstract


HIPAA has among its many goals the improvement of health care delivery for those in the United States. One aspect of the grand improvement scheme requires patients to be forthcoming with their personal health information. In many instances that information has made its way into various databases for storage and retrieval. Protecting that information is a critical factor in instilling in patients the confidence they must have in order to willingly provide their patient data when seeking health care services. How effective HIPAA is in protecting that personal health information is a matter of some debate. Many analysts see the “exceptional” treatment of health data in the United States as flawed, affording at best “confidential” safeguards rather than true privacy protections. The EU, on the other hand, has followed a different track regarding the protection of individual privacy interests, including the protection of individually identifiable health information. This article compares the EU’s data privacy approach with the approach of the HIPAA Privacy Rule in the United States. The article concludes that the flaws within HIPAA in the privacy context demonstrate the need for certain reforms now if “patient privacy” is genuinely a concern for those interested in continuing to improve the American health care system.



©Journal of Health Care Finance