Medical privacy
The 1996 Health Insurance Portability and Accountability Act (HIPAA) prohibited the use or disclosure of an individual's medical information unless specifically authorized by the individual or the law. Currently, the health records of many millions of Americans are being digitized and converted into electronic form. This will help improve patient care by enabling doctors, hospitals and health insurers to better share and analyze patient records when providing health care. However, these digitized records will also make it easier for researchers, government regulators, and unauthorized persons to access our medical information. The Obama administration has revised HIPAA rules to allow our digitized records to be securely shared by health care providers. To address privacy concerns, it has included provisions that attempt to give patients more control over their own medical information. One of these provisions allows a patient to prohibit a doctor from disclosing medical information to a patient’s insurer if that patient pays for treatment out-of-pocket. Another provision prohibits the sale of protected health information, and the use of it for marketing and fund-raising purposes. Additional HIPPA changes increase penalties and reporting requirements for privacy violations committed by business associates of health care providers who have access to private medical records. In the past, some of these sub-contractors have been accused of privacy breeches while working for health insurers.

Security experts say that health care information has become the most sought-after information by attackers in today's cyber battlegrounds, the value of which is outpacing that of credit card or other types of personal information. Since 2010, the Department of Veterans Affairs (VA) has experienced at least a dozen data breeches to its IT system which have compromised the highly sensitive personal data of many Veterans. Most of these hacks have been committed by nation states – the latest one occurring in Sept. 2014. However, the VA has yet to publically confirm the extent of this breech. Critics claim the VA is not adequately protecting our Veteran’s medical information, does not acknowledge data breeches, does not have the capability or skill set to know how to identify the attack vector, and does not cooperate with agencies which can assist with prevention methods.

Pending Legislation:
H.R.1017 - Veterans Information Security Improvement Act

Issue Suggestions

Suggest an important issue not listed in this sub-category (). (Maximum 60 Characters)

Poll Opening Date
May 21, 2020
Poll Closing Date
May 27, 2020

Democracy Rules respects the privacy of your information.