Say it Ain\’t So, HIPAA!

I\’m sure you get a lot of hate mail, especially from folks in my profession, so when you got this letter from me you probably assumed it was more of the same.  Let me reassure you: I am not one of those docs.  I do think patient privacy is important, and actually found you quite useful when facing unwanted probing questions from family members.  I believe the only way for patients to really open up to docs like me is to have a culture of respect for privacy, and you are a large part of that trust I can enjoy.  Yeah, there was trust before you were around, but that was before the internet, and before people used words like \”social media,\” and \”data mining.\”


But there have been things done in your name that I\’ve recently come in contact with that make me conclude that either A: you are very much misunderstood, or B: you have a really dark side.

The first situation has to do with my newfound infatuation with communication in health care.  I believe that the tools afforded by the internet tubes could really change care for the better; in fact, I think they could allow systems of care that could totally disrupt our malignant sick-care, cash-care system.  I\’ve found ways to communicate that you would approve of and have shared them with my patients.  They love it.  They love to connect with me while they have problems instead of paying for a visit and waiting in the office for a few hours for my help.  It\’s been really fun to see their enthusiasm.

So what\’s the problem?  It\’s the doctors.  Even though this communication system would allow them to give better care, allow us to collaborate without hassle, and bring back some of that \”doctor\’s dining room\” collegiality we\’ve lost, these doctors are afraid to use it.  No, they are terrified.  Asking them for their email address is taken to be as brash as asking for their credit card number or their wife\’s cell phone number.  I can see it on their faces: they picture headlines about doctors being sued millions for stolen laptops with patient files on them.  They hear the ravings at conference warning against the use of email for patient communication and the perils of using social media.  They see me as a temptress trying to lure them into the dangerous online neighborhood, full of federal agents waiting to pounce, lawyers eager to sue, and journalists anxious to put their photo on the front page of the paper.  OK, well, maybe the electronic version of the paper, but I was using a figure of speech.  Nobody reads the paper version any more.

The point is, my patients are getting worse care because of this fear.  I can\’t send a message to consultants explaining why I am sending them the patient, so they make a guess and order extra tests.  I can\’t put my thoughts together with a colleague on a mutual patient with a difficult problem.  All I get are forms to be filled out and faxed (although who knows where that fax as been?) and faxed notes with bits of information hidden under layer upon layer of E/M coding bubble-wrap.  It\’s worthless.  It\’s not communication at all, and it hurts my patients.

The second circumstance is more personal.  When I got the boo…left my practice last fall, I left behind 18 years worth of patient records.  Those are records documenting my decisions, my though processes, and my care of my patients.  Sure, they weren\’t the prettiest notes around, but they represented a lot of thought and care.  As I was heading out on my last day at the practice I was notified that, upon leaving, I would not have access to these records.  It seems that, despite the fact that these are records I personally wrote about my own interaction with my patients, I would be violating you if I looked at them.  This information is the property of the practice, and allowing someone who was no longer a member of that practice to view them would bring down swat teams of federal agents within seconds.  This, at least, was the opinion of the practice\’s legal counsel.

Having just gone through a divorce, I had no desire to argue with my ex\’s lawyer, so I took it like a soldier.  I figured I\’d just get information sent to me when I needed it.  In fact, I came upon another very secure solution to make this process easy and efficient.  But alas, the ex wanted nothing to do with my newfangled way of doing things, instead resorting to the high-risk behavior of faxing records (who knows where those fax machines have been?).  As fate would have it, our faxes didn\’t get along well, causing them to inundate me with duplicate faxes, a veritable Torrent of TIF\’s, a plethora of PDF\’s.  This has made it next to impossible to get records on my patients, making care of them much, much harder.  These are not just any records, they are my records of my care for my patients! 

Say it ain\’t so, HIPAA!

Do you really keep doctors from their records?  Do you really keep patients from good care?  Or is this simply a culture of paranoia that has propagated on ignorant doctors by fear-mongering lawyers, lecturers, and office administrators happy for the chance to intimidate the consumate intimidators?  Yes, flaunting medical records to anyone who throws you beads is a bad practice that will lead to regret in the morning, but preventing communication kills.  I thought better of you.  I thought you were there to protect people from careless talk, from snooping employers, and from front-office gossips.


So, I ask, is it you or is it those who wish to slander your name?  Are you a tool to protect, or are you a gag in the mouth of good care?

I anxiously await your reply.

Dr. Rob

10 thoughts on “Say it Ain\’t So, HIPAA!”

  1. Michelle Maertz

    As a (then) unmarried woman, my dearest friend who drove 650 miles and took two weeks out of his life to help me when I needed a hysterectomy had to wade through this nonsense as well. I listed him as the point of contact on no less than 10 Gazillion forms, but each time, he had to confirm his identity and our relationship. We’re now married, so it’s not as big a deal, but I can’t even pick up a paper prescription on his behalf from our mutual doctor because he forgot to fill out that part of the paperwork. Seriously? Insulin and Metformin? As if I don’t know he’s Type II? Hell, I’ve been involved and instrumental in helping to get and keep his numbers under control, working with his Endo doc on diet. 120 pound weight loss (by making simple diet changes without deprivation) in 14 months kinda speaks for itself. He was over 400 lbs., now clocking in at 280. Still a way to go, but that’s pretty awesome progress! (He’s a big guy. At 6’4″, he’d look like a cancer patient if he weighed 170 lbs. – I’ll settle for 240.) He’s also using a pedometer to measure his calorie burn in his role as an IT support specialist in a hospital system. That’s a LOT of walking!
    If his docs won’t talk with the cheerleader and master chef at this address, HIPPA is indeed doing more harm than good. I don’t even want to start on the complexity of getting any information about my mom’s health from 800 miles away. She listed my brother as the point of contact, so I get, “She had a good day today. She ate pineapple!” Now about that EKG and stress test…

  2. I, for one, do not want it automatic that all medical information can be given to spouses without permission. My husband has a ‘weird medical filter’ (in our PCP’s terms). If he heard “much improved” (as I am) he would interpret that as “healthy” and then question why I’m having flares, or unable to do abc or xyz. If the doctor said “this is a problem” he would then fret and worry over something as simple as “this medication shouldn’t be taken with that medication”. He doesn’t worry about things he should — and does worry about things he should. His last lab work showed significant increase in blood sugar — to the point he had to be tested for diabetes. His cholesterol was increased, but still well within normal limits, so no concern. What did he focus on? The cholesterol. He obssessed for WEEKS on the cholesterol number, that was well within normal limits and dismissed the blood sugar saying it was not possible for him to have diabetes because he is underweight (he is — significantly so). The fact that his m other is 20 lbs under weight and diabetic, my mother is 10 lbs underweight and diabetic aside — diabetes is only a disease of the obese so it’s not a concern.
    Consequently — I don’t want him getting my lab results and telling me HIS version of what the doctor said .. because I promise you, it won’t match. He, however, does want me to have that because I usually understand it better.

  3. Seems reasonable to me. The answer, of course, is for patients to have access to their own data in a shared record. It may make him freaky about the results (everyone has different levels of understanding) but that’s for the doc to sort out.

  4. agreed. 100% .. but we’re in OK .. and well .. we tend to run behind the times as a collective unit even if the individuals are not. We’ve only had electronic records be a common thing for less than 2 years. My pulmo has only had them for 6 months! My neuro still doesn’t … common shared? maybe by the time I finish my PhD in the far distant future (about 7 years if everything goes as planned .. and well .. nothing goes as planned 😉 ).

  5. I am suspicous that HIPPA keeps information from those that should have it (Dr.s and those we authorize) and shares it willy-nilly with any business that will pay for it. Sold just like our addresses and all our personal information. Hate it!

  6. HIPAA needs to go. In 1996 it originally was to standardize insurance claims from different formats of insurance companies, physicians, hospitals, into a standardized electronic format and to protect consumers of health insurance privacy from other health insurance companies from looking at past claims. It has now grown into this governmental Hydra like beast, with biggest concerns of how to protect patient privacy. It’s 2 opposing government strategies, the meaningful use of patient portals and access of their own info, interoperability between healthcare providers to access information to avoid duplication of tests to the opposite draconian rules under the guise of protecting patient privacy. One HIPAA violation was an obstetrician posting their “baby” pictures of all the newborns delivered. It’s patients that to have to be activists with their elected government officials to repeal HIPAA and it’s updates and pass a new legislation that makes sense.

    As to the comments of those having problems to have release of medical information, get a generic medical release form, fill out repetive information such name, etc. , leave blank the name of the organization and which records, date blank, but have it signed. Make multiple copies and fill in the blanks for each organization and release of information. Also write that there is no expiration date. Another simple solution for problems like Michelle Maertz is to get a medical power of attorney during her surgery for her friend and would solve all hassles such as for Ms. Maertz’ mother’ssharing of medical status.

  7. “So what’s the problem? It’s the doctors….. these doctors are afraid to use it. No, they are terrified.”

    Maybe the real problem is the lawyers!

    “Today we are flooded with rules and legal threats that prevent us from taking responsibility and using our common sense”

  8. I’m just wondering what the ways to communicate you found are. I’m a doc and I would love to know the specifics. (And what about the very secure solution you found for your old office to send you patient data?)

  9. ShareFile, by Citrix ( is the secure folder program. I use it for legal as well as medical docs. The other program is in Beta for now, but is basically a secure chat/email hybrid. Very nice. Patients love it. Won’t give the name right now, but I think it is coming out of Beta soon enough.

Leave a Reply