As more patient information goes digital, health providers, insurers and government officials are having a tougher time navigating the patchwork of state and federal laws that dictate what information can be shared without violating patient confidentiality.
“Frankly there’s a lot of confusion out there about what types of information can be shared, what parties can share this information and how the information can be used,” said Jane Hyatt Thorpe, co-director of Legal Barriers Project, a collaboration between George Washington University’s School of Public Health and Health Services and the Robert Wood Johnson Foundation.
The partnership created a new website called Health Information and the Law in late April in an effort to guide those seeking state by state information on privacy and security requirements for patient health data, Thorpe said.
Thorpe says that in addition to providing analysis about the Health Insurance Portability and Accountability Act (HIPAA) —the federal law that sets rules to protect patient confidentiality and security — the site details state laws and regulations that govern the use and exchange of health information. “What we were finding was a lot of confusion about what was possible and what was not possible [for health information sharing], and we thought it might be helpful if we could—in a centralized location—pull together federal and state laws to address the use and release of health information,” she said.
So far, the website includes information from 14 states, but Thorpe says the goal is to include laws and guidance from all 50. She said the site also plans to publish data from a 50-state survey on topics such as patient care quality and safety, as well as information on the updated HIPAA regulations, which are expected to be released this summer.