Unintended Impacts One major unintended impact of HIPAA would be the fact that

Unintended impacts one major unintended impact of

This preview shows page 8 - 10 out of 15 pages.

Unintended ImpactsOne major unintended impact of HIPAA would be the fact that it put a large target on the backs of healthcare providers and health plans. By requiring the privacy and security of health data, it created a challenge for hackers. In 2015, 78.8 million of Anthem’s members had their privacy breached with the largest healthcare breach to date. In that same year there were another 113 million medical records compromised in one way or another (Akpan, 2016). With a security breach, there are several ways for harm to come to the affected patients or members. In addition to having their personal health information put out in the public, they could also become victims of identity theft. By having their personal information made public, it is possible for them to lose their job or lose health care coverage, they could be put into danger if someone they knew found out about a health status. RecommendationsEfficacyThe goal of HIPAA is to protect patient health information and to prevent that information from being accessed without the patients’ consent (CDC, 2018). Based on that goal, HIPAA has been successful and has not created negative consequences to the population it is trying to protect. This is due to the robust national standards set by congress through HIPAA and the HITECH act. A positive consequence of HIPAA is that patients are now more involved in their own healthcare decisions. By having access to their own personal health information (PHI) patients can make more informed decisions about their health. Previously without access to their PHI, patients had
to rely solely on what providers told them, and often they were denied access to their own records. Areas of ImprovementWhile HIPAA has proven itself to be a useful tool for protecting patient data, it should be remembered that the P in HIPAA does not stand for privacy, rather it stands for portability. The privacy part was a result of that portability. It was understood that while allowing for easier movement of patient data, security must be in place to ensure the privacy of that data (Butler, 2017). An area of improvement would be to include language specifically around protection of privacy. For example, currently HIPAA only applies to those providers who accept insurance, those who do not, are not subject to the HIPAA guidelines and penalties. Another area of improvement would be to periodically review HIPAA to ensure it is keeping up with all the new and updated technologies out there that could possibility result in a data breach. When HIPAA was created, breaches were mostly paper based, and the future of health information management was not taken into consideration. This could be achieved by requiring data encryption, which is currently voluntary. Currently, only 59% of all healthcare organizations utilize a full-disk or partial encryption software to protect their data (HIPAA Journal, 2015).

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture