With no definitive electronic standard in sight for securing and maintaining the confidentiality of American consumers' medical records, insurance and healthcare marketers are finding themselves on uncertain ground when transferring even the most aggregated information among third parties.
At issue is a policy battle within the industry over the status of the Health Insurance Portability and Accountability Act of 1996 and how details of the new legislation should be interpreted and implemented in both the online and offline worlds. And with insurance profits, patient healthcare costs and privacy concerns increasingly at stake, the question has pitted industry lobbyists, government leaders and consumers advocates against one another.
Zoe Hudson, a senior policy analyst with the Health Privacy Project at Georgetown University, has characterized the situation as “a messy, complicated issue,” one he said “has a lot of tentacles.” Indeed, with new Internet technologies surfacing almost daily and the nation's overall privacy debate continuing unabated, marketers face a rapidly moving target of issues and rules but limited guidance.
Adding to the debate are at least five new bills on medical privacy pending in Congress. The government reports the Department of Health and Human Services is reviewing some 50,000 public inquiries on existing HIPAA rules slated for implementation later this year. Yet some industry leaders fear there is no firm indication that the government's review plan is going to offer the industry the clarity it's seeking.
The subject attracted several hundred participants at a panel held this week at the Internet Healthcare 2000 Conference in New York.
But Durjoy “Ace” Bhattacharyja, founder of Medicalrecords.com, New York, said ethics and common sense play a role. He sees major business opportunities for the steady-minded on the horizon.
Characterizing the service his company provides as “a lot like Quicken-brand financial software for your health information,” Bhattacharyja said Medicalrecords.com “provides a credible way of capturing and managing your personal information and, hopefully, helping you act on it to [your benefit].” However, he said the company had to spend a lot of time sorting out issues on privacy, noting it's a cultural issue as well as a technological one. “We eventually decided not to allow advertising on every section of our site. We've separated the content section from the service provider section.”
Still, Bhattacharyja acknowledges that compliance with the new regulations on privacy places tough challenges on nearly every company involved with consumers' medical records.
“HIPPA compliance is going to be the biggest issue for a lot these companies,” said Bhattacharyja. “But if you want to play in this market, you have to be [playing] by the rules on compliance. Otherwise, it's going to very expensive to backtrack.”
Marketers can visit the government's Health Care Financing Administration Web site at www.hcfa.gov to read copies of the proposed rules from the Federal Register.