When the Health Insurance Portability and Accountability Act was passed in 1996, its direct intent was not to ensure privacy of patient healthcare records. Instead, as is evident in the complete title of the provision, it was implemented as “[a]n act to amend the Internal Revenue Code of 1986 to improve portability and continuity of health insurance coverage in the group and individual markets, to combat waste, fraud, and abuse in health insurance and health care delivery, to promote the use of medical savings accounts, to improve access to long-term care services and coverage, to simplify the administration of health insurance, and for other purposes.” However, as debates over definition and implementation have been settled, HIPAA has become a regulatory patient-privacy guideline of sorts whose aim is to ensure that health records stay in the hands of approved parties and are used in a manner deemed appropriate by newly-composed standards. Yet, with nearly constant advances in electronic health records, medical technologies, and health IT, HIPAA has struggled to keep up with the growing demands of an expanding healthcare field.
This has led to a reversal of the intended impact of the HIPAA law of 1996. Rather than improving portability and continuity of health insurance, HIPAA makes the transfer of patient information more challenging. Instead of combatting waste, HIPAA has increased the burden on physicians, insurers, hospital administrations, and other healthcare providers to provide a specific form of data security that ultimately has had only questionable improvement on data safety. As medical technologies increasingly leverage the power of cloud computing, telemedicine, and collaborative tools to provide markedly improved quality of care, conflicts often arise around how to maintain patient data security while allowing these breakthroughs in medicine access to patient data. The issue of data privacy and security has again come into the foreground of debate, and as healthcare technologies evolve, all stakeholders in healthcare, from patients to physicians to lawmakers, must ask themselves an important question: how should one balance patient privacy with patient care?