HIPPA is the health care privacy act, passed in the mid 1990s, when the Internet was real, mandated fax transmissions and prohibited email and other Internet services. It froze Health Care technologically in the 80s at best. Why not mandate telegraph and hand delivered paper telegraph letters as well.
Now the HHS has issued a 563 page set of rules "updating" HIPPA. Try reading through this Administrative Law piece. The FCC documents are elegant compared to this.
As Medpage states:
The long-awaited rules enhance the Health Insurance Portability and
Accountability Act of 1996 (HIPAA), which governs health records and
patient information.
HHS is expanding the government's scope over healthcare providers,
health plans, and other entities that process health insurance claims to
include their contractors and subcontractors -- "business associates"
-- with whom they share protected health information.
Some of the larger breaches in patient privacy have involved business
associates, HHS noted in a press release announcing the rules.
"Much has changed in healthcare since HIPAA was enacted over 15 years
ago," HHS Secretary Kathleen Sebelius said in the release. "The new
rule will help protect patient privacy and safeguard patients' health
information in an ever expanding digital age."
The new rules increase penalties for noncompliance to a maximum of $1.5 million per violation.
The changes also strengthen the Health Information Technology for
Economic and Clinical Health (HITECH) breach notification requirements
by making clear when breaches must be reported to HHS.
Also, the new rules allow that, when a patient is required by a
provider to request records or documents in writing, the request may be
made electronically.
This is based upon old law, namely HIPPA, so we await what can come from the new law. One must be careful of what is a medical record, who is a business associate, and that $1.5 million fine is per incident. That may be one way to fund ACA.