A new report from the Institute of Medicine of the National Academies (IOM) concludes that the Privacy Rule of the Health Insurance Portability and Accountability Act (HIPAA) does not protect privacy as well as it should and impedes health research.
The report recommends either the adoption of a new framework to ensure health record privacy or revision of the Privacy Rule. A new framework would improve the privacy of personal health data in research by reducing variability in the ethical oversight of research and by placing a high priority on strong security protections. If the existing rule is retained, IOM urges measures that would reduce variability in interpretations of the rule.
IOM also stresses the need for three additional changes:
• All health research institutions should take strong measures to safeguard the security of personally identifiable health information.
• HHS should support the development of new security technologies and self-evaluation standards.
• HHS or Congress should provide reasonable protection against civil suits for volunteer members of Institutional Review Boards and Privacy Boards.
Read the report.
