Sen. Rand Paul, M.D., (R-Kentucky) has presented a new bill that attempts to permanently remove the national patient identifier provision of HIPAA because of the privacy issues in implementing such a system.
At this time, HIPAA is most widely known for its healthcare data privacy and security rules, however, the national patient identifier system was recommended in the original HIPAA legislation of 1996 as a way to help in data sharing and minimize wastage in healthcare.
The provision mandated the HHS to implement standards for a standard unique health identifier for every person, employer, health plan, and healthcare company for utilization in the health care system. Nonetheless, in 1998, former Congressman Ron Paul (R-Texas), the father of Sen. Rand, presented a proposal which required a restriction on funding the development and implementation of such a system. The ban was presented into the Congressional budget for 1999 and continues to be included in all Congressional budgets since then.
This 2019 there was anticipation that the restriction would ultimately be removed after an amendment to the House of Representative’s appropriation bill for the fiscal year 2020. The change got strong bipartisan support and it was thought that the Senate would go along with the House’s lead and lift the ban at last. Nonetheless, on September 18, 2019, the proposed budget bill for the fiscal year 2020 of the Senate appropriations subcommittee included the same language as prior years and, as it stands, the prohibition is set to remain in place for at least one more year.
Sen. Rand Paul’s National Patient Identifier Repeal Act tries to revoke the HIPAA provision, which Sen Paul feels will place the privacy of Americans at stake. He considers the provision to be unsafe, as it would permit a government-issued ID number to be connected with the private medical histories of every man, woman, and child in the U.S.A.
It is for this reason that many of the healthcare industry stakeholder groups like the national patient identifier presented since without such an identifier, it is hard to correctly match medical records with the correct patient. Those looking to have the prohibition lifted think it will enhance the recision of health information exchange, security and patient safety.
Sen. Paul does not agree, as he is convinced there is a great potential privacy risk. The doctor-patient relationship depends on trust and privacy, having a national patient ID will jeopardize it. Considering how many devastating security breaches happening in our world, it is only unacceptable for the government to centralize some personal information of Americans.
Industry organizations like the College of Healthcare Information Management Executives (CHIME) have increased efforts to have the restriction lifted because of the problems in matching medical records with patients.
Russ Branzell, CHIME CEO, stated that Congress already okayed a healthcare identifier for beneficiaries of Medicare, however, a national identifier is still necessary. The patient identification talk is about saving people and allowing the potential of technology to transform healthcare whilst reducing costs.
While a lot of industry organizations have the same view as Branzell’s, certain privacy advocacy groups, which include the Citizen’s Council for Health Freedom, support Sen. Paul’s bill. People and groups advocating the removal of the HIPAA provision believe the centralization of patient information would significantly increase the possibility of security breaches allowing hackers to steal individuals’ lifelong healthcare documents and such a system would let unparalleled tracking of Americans through their healthcare records.