Editorial: How Does HIPAA Improve Healthcare?
Questions are often sent to HIPAA Journal about the Health Insurance Portability and Accountability Act, one of which is how HIPAA has improved healthcare. In this article, I explain some of the main ways that healthcare has been improved by HIPAA for healthcare providers, health plans, and patients.
How Does HIPAA Improve Healthcare?
There has been a lot of criticism about HIPAA in the past and it continues to be a pain point for many healthcare providers. Compliance with the HIPAA Rules can be challenging, and healthcare professionals may feel that HIPAA unnecessarily limits their ability to deliver healthcare efficiently.
While the HIPAA Rules may be a cause of frustration and seem overly restrictive is some respects, HIPAA has done a great deal to improve healthcare. To appreciate some of the key benefits of this landmark piece of healthcare legislation, you need to cast your mind back to before HIPAA was signed into law in 1996 – Several years prior to the introduction of the HIPAA Privacy and Security Rules, for which HIPAA is now best known.
HIPAA Made Health Insurance Portable and Improved the Continuity of Coverage
The main purposes of HIPAA, at least at the time when the legislation was first introduced, had nothing to do with healthcare data privacy and security. One of the main goals of HIPAA was to ensure the portability of health insurance and the continuity of health insurance coverage when people lost or changed their jobs. Prior to HIPAA, many people felt they were stuck in their jobs because they rightly felt that if they were to leave their employment, they would lose their health insurance coverage. This was known as job lock and was common, as most Americans have health insurance provided by their employer and an employee could not take those benefits with them when they left employment. The change brought about by HIPAA helped to improve labor market mobility by ensuring healthcare benefits were not lost.
Get The FREE
HIPAA Compliance Checklist
Immediate Delivery of Checklist Link To Your Email Address
Please Enter Correct Email Address
Your Privacy Respected
HIPAA Journal Privacy Policy
HIPAA Improved Efficiency and Reduced Waste and Fraud
Another important goal of HIPAA was to improve efficiency in the healthcare industry and reduce the considerable administrative burden on healthcare organizations. Prior to HIPAA, a great deal of time and money was wasted on inefficient processes, it was easy to mismatch patient data, and the process of conducting eligibility checks was cumbersome. This was largely due to there being no national standards for all healthcare organizations to adhere to, and that resulted in an incredible amount of wastage. The cost of that inefficiency reduced the profits of healthcare organizations and ultimately meant higher costs for patients.
Inefficient processes and the lack of standards created an environment ripe for abuse, and there were considerable losses to healthcare fraud, such as healthcare providers submitting fictitious claims and charging for services that were unnecessary, which contributed to the rising costs of healthcare. The losses to healthcare fraud prior to HIPAA being signed into law had risen to around $7 billion per year. The improvements made to efficiency through standardizing healthcare transactions and the use of the same code sets by everyone have helped to keep the health insurance premium costs down and reduce the potential for fraud. Healthcare costs may currently be high, but they would be considerably higher were it not for HIPAA. In the 1980s and 1990s, healthcare costs were rising by around 10% per year, whereas after the introduction of HIPAA the increases have been around half that level.
The improvements to efficiency through the standardization of healthcare transactions have also helped to improve patient safety by reducing medical errors. While patient mismatching does still occur – there is still no national identifier despite it being a requirement of HIPAA in 1996 – HIPAA has helped to improve patient safety.
HIPAA Improved Patient Privacy
HIPAA called for the Secretary of the Department of Health and Human Services to recommend privacy standards, which lead to the introduction of the HIPAA Privacy Rule. While the Privacy Rule has been heavily criticized – sometimes justly – It has greatly improved healthcare for patients by ensuring the privacy of their healthcare data.
The restrictions on uses and disclosures of healthcare data imposed by the HIPAA Privacy Rule have huge benefits for patients. The HIPAA Privacy Rule prohibits disclosures of patient information to people who do not have a legitimate reason for having that information and limits disclosures without patient consent. The Privacy Rule prohibits healthcare workers from discovering the healthcare secrets of their acquaintances, co-workers, and neighbors. It stops receptionists from accessing the intimate healthcare information of patients.
By ensuring patient privacy, patients are more likely to feel comfortable sharing sensitive information with their caregivers, knowing that it is not permitted for that information to be discussed or shared outside of the care setting. That gives caregivers more information, which can be used to make better-informed decisions, deliver better patient care, and achieve better patient outcomes.
The HIPAA Privacy Rule has also allowed patients to restrict with whom their healthcare information can be shared, allowing them to prevent certain family members from accessing their data or having sensitive medical information shared with their employer.
The HIPAA Privacy Rule also gave patients the right to obtain a copy of their healthcare data, which empowers them to take a more active role in their own healthcare and share their healthcare data with whomsoever they wish. If a patient wants to change healthcare providers, they can take their records with them, which means avoiding having to cover the cost of having medical tests repeated.
Patients can check their healthcare information for errors and have those errors corrected. They can identify any misrecording of their information or mismatching of healthcare data. Patient safety has been improved by involving patients more in their healthcare.
Before the HIPAA Privacy Rule was introduced, healthcare providers did not have to provide patients with a copy of their healthcare data at all, and if they did agree to share the information with patients, there were no restrictions on what they could charge for doing so.
HIPAA Protects Electronic Healthcare Data
The move to electronic health records helped to improve efficiency in healthcare but increased the potential for healthcare data to be viewed by unauthorized individuals. In the digital age, many safeguards are required to keep electronic data protected.
The HIPAA Security Rule requires covered entities to anticipate threats and proactively take steps to safeguard against them. The HIPAA Security Rule sets minimum standards for data security that all HIPAA-covered entities are required to implement, which helps to keep electronic healthcare data private and confidential. Many of the healthcare data breaches that are now being reported are due to errors and failures to fully comply with the minimum standards of HIPAA.
Another benefit of HIPAA is patients and health plan members must be told about any breaches of their personal healthcare data, which allows them to take steps to protect themselves against identity theft and fraud. Without the HIPAA Breach Notification Rule, there would be no federal requirement for healthcare organizations to notify patients about breaches. Individual states would be left to decide on whether notifications were necessary and how quickly they would need to be provided.
You only need to look at the current patchwork of laws at the state level to see how much privacy and security protections vary depending on where people live. HIPAA has created standards for the privacy and security of healthcare data that apply across the United States and territories, ensuring minimum standards must be met, no matter where a person lives.
Summary
These are just some of the main ways that HIPAA has improved healthcare: Ensuring the continuity of health insurance coverage, improving efficiency, reducing the potential for medical errors, combatting the considerable amount of fraud and abuse in healthcare, giving patients rights over their healthcare data, and protecting patient privacy and preventing unauthorized access and disclosures of healthcare data.
HIPAA has helped to reduce the cost of healthcare, has improved patient safety, and helps to protect Americans from identity theft and fraud. HIPAA may be far from perfect, but the benefits of the legislation and subsequent amendments are considerable.
Steve Alder, Editor-in-Chief, HIPAA Journal
