Struggles with State Privacy Laws?

Each of the 50 states has its own unique quirks and traditions, from state flowers and landmarks to truly bizarre state and municipal laws. Also varying significantly from state to state: privacy laws, which can cause headaches for health care organizations and providers operating in multiple jurisdictions—along with their patients. As Fierce Healthcare first reported, experts speaking at last week’s Health Datapalooza highlighted the challenges that confusing, varied state privacy laws can bring when it comes to compliance. Said Ann Waldo, an attorney who focused on health care privacy matters, to audience members, “The dirty secret is very few people understand these laws and very few people comply with them.”

Waldo candidly discussed the impact of the state-by-state differences—particularly at a time when more and more patients are demanding more streamlined, electronic access to their personal health care information, and when many health care organizations have expressed interest in investing in digital health services. Some of these different state laws, she noted, may even directly contradict each other, leading to headaches for organizations and providers that serve patients in more than one state. Beyond causing confusion for organizations and providers, she added, the laundry list of state privacy laws can have a chilling effect on innovation, particularly when it comes to digital health. The solution? For her part, Waldo “advocated for wiping out the thousands of regulations and starting over with a blank slate,” Fierce Healthcare reported.

The conversation at Health Datapalooza echoed arguments made in a recent AHIMA Journal piece on the relevance of HIPAA 20 years after it first became law. As we noted at the time, AHIMA’s Mary Butler pointed to some of the challenges the law faces, including having to account for significant technological advances since its passage and a lack of understanding of what the law actually governs. Butler also characterized varied state privacy laws, which are sometimes more stringent than HIPAA, as complicating the situation for organizations and providers.

Click here for the article from Fierce Healthcare on issues with state privacy laws.


Leave a Reply