While HIPAA was enacted to protect the protected health information of patients, it appears hospitals are incorrectly citing HIPAA as a protection of their own interests, argues Charles Ornstein, a ProPublica healthcare journalist, in a report co-published on NPR.
Mr. Ornstein's suggestion that hospitals use HIPAA to protect themselves instead of their patients follows the recently reported incident at a Missouri hospital in which a hospital security guard told the mother of a patient that taking his picture violated HIPAA.
However, this rationale is not isolated to this incident, Mr. Ornstein writes, mentioning similar cases at a nursing home in Florida that claimed it could not cooperate with police investigations after an alleged rape against a resident, and when the U.S. Department of Veterans Affairs claimed employees initiating whistleblower suits regarding the agency's wrongdoings would violate HIPAA.
Deven McGraw, partner at Manatt, Phelps & Phillips specializing in healthcare, said in the report HIPAA in fact has provisions allowing investigating police officers and whistleblowers trying to share information.
"Sometimes it's really hard to tell whether people are just genuinely confused or misinformed, or whether they're intentionally obfuscating," Ms. McGraw said in the report.
More articles on HIPAA:
6 overlooked HIPAA practices to implement now
10 worst passwords of 2013: Is yours on the list?
7 myths of HIPAA security risk analysis