Excerpt from HealthItsecurity Article – Published on Oct 04, 2023

The American Hospital Association (AHA) is strongly objecting to a rule related to online tracking technologies, asserting that it violates established Health Insurance Portability and Accountability Act (HIPAA) regulations. Responding to a request for information from Senator Bill Cassidy, the AHA urged Congress and the HHS Office for Civil Rights (OCR) to reconsider the controversial rule.

AHA emphasized the efficacy of current HIPAA rules in protecting patient health data, opposing any changes that might introduce more challenges than benefits. The organization pinpointed two key issues. Firstly, it called for the withdrawal of OCR’s guidance extending HIPAA protections to online technologies associating an individual’s IP address with health-related web visits, even if unrelated to medical care. AHA argued that this interpretation could hinder hospitals from using crucial third-party technologies.

Concerns were raised about potential restrictions on technologies vital for information-sharing efforts, such as video tools, analytics, and location services. AHA warned that compliance might be further complicated if third-party vendors decline business associate agreements. The organization urged Congress to explore alternatives for requiring privacy protection, particularly for third-party entities not under HIPAA.

The second issue addressed by AHA pertains to the burden of varying state and federal privacy requirements. AHA recommended full federal preemption for HIPAA to establish a more uniform nationwide standard, asserting that the current mix impedes the sharing of patient information for coordinated clinical treatment. In conclusion, AHA stressed that, if interpreted correctly, HIPAA strikes the right balance between health information privacy and valuable information-sharing. The organization urged Congress to address challenges posed by varying state laws, which it sees as adding costs and complications for hospitals and health systems.

To delve deeper into this topic, please read the full article on Healthitsecurity.