HIPAA impedes medical research

Stewart Baker on how the federal health privacy law makes it harder for scientists to reach out to patients who might be able to contribute useful information. [Volokh]

5 Comments

  • HIPAA impedes everything.

  • There are many factors impeding research. In order to do something, you have to go before an IRB at your base hospital. They rule on whether the research is a danger and other factors. In reality, they stop any free thought and their original purpose has been significantly subverted. In many instances, it is a political tug of war. Then there is the concept of evidence based medical care. Sounds good. You must have justification in the literature for doing something, or worse, not doing something. The consequence is that big pharma has polluted the literature with their concept of medical care. An example, statins (for treatment of cholesterol) are virtually useless and associated with much higher side effects than previously known (look up the NNT for you favorite). Then you have the concept of major trials. Doctors flock to these as they sometimes pay $5-10,000 dollars per patient enrolled. This is major bucks. It assures a positive review for you drug and most of the peer review publications have boards that are paid from these funds, thus little objective evidence is in the publications. Go to the ACC (American College of Cardiology) web site and look up the contributions to board and peer members. Also, note that many of these organizations, AMA included, back Obamacare due to money they will receive.

    So the whole system is broken.

  • HIPPA is a nightmare when you try to help Aunt Tessie after she slipped into a coma.

    But the federal government always ignores HIPPA when it serves its purpose.

    And yes, it is also a big obstacle to medical research.

  • HIPPA is a poster child for laws that end up doing a thousand times more damage than the original evil to be cured. It reminds me of my idea for a state/federal constitutional provision that “In every tenth year, this legislature shall pass no new laws. Instead, it will revisit the entirety of the laws passed. The legislature must consider the original goal of the law and whether that has been achieved, and at what cost. And laws that are completely sucking will be stricken.”

  • Caveat: We have a HIPAA data security firm. Having said that, you have to separate HIPAA Privacy and HIPAA data security. Yes, HIPAA Privacy, which has prevented the sharing of even simple demographic data , is a horribly written law, and has surely impeded progress in epdemiological studies. HIPAA data security, however, is about ten years behind the times, in providing for basic safeguards (from secured wireless networks to social media policies) to protect against unauthorized disclosure. A medical record is worth 15 times what your social security number is, for purposes of fraud. Think about that next time you go to the doctor or dentist and see all the folders laying around, or you log into the admin account of their wireless with a default password.