TRENDING:

Access Management , Governance & Risk Management , HIPAA/HITECH

Bill Would Kill Prospect of National Patient Identifier

Sen. Rand Paul Seeking to Throw Out HIPAA Identifier Requirement Marianne Kolbasuk McGee (HealthInfoSec) • September 26, 2019    
Bill Would Kill Prospect of National Patient Identifier
Sen. Rand Paul, M.D., R-Ky., is seeking to repeal HIPAA's unique patient ID provision.

Proponents of the potential adoption of a national unique patient identifier had been hopeful that the Senate would follow the House’s lead in lifting a 20-year ban on funding for federal regulators to work on development. But now they face two substantial hurdles.

See Also: HIPAA Compliance: What The Healthcare Industry Needs To Know

On Tuesday, Sen. Rand Paul, M.D., R-Ky., citing privacy concerns, introduced a bill that proposes to permanently kill prospects of a national unique patient ID.

And on Sept. 18, the Senate appropriations subcommittee released a proposed fiscal 2020 budget bill that would retain the long-running ban on the U.S. Department of Health and Human Services funding to "promulgate or adopt any final standard for ... the assignment of a unique health identifier for an individual." (See: Senate Budget Bill Would Keep Patient ID Ban Intact)

Paul, who is a physician, says his legislation, the “National Patient Identifier Repeal Act,” aims to overturn “a dangerous provision of existing law requiring the creation of a ‘unique health identifier'.”

He’s proposing repealing a provision in HIPAA, enacted in 1996, that calls for HHS “to adopt standards providing for a standard unique health identifier for each individual, employer, health plan and healthcare provider for use in the health care system.”

Legacy Provision

While that provision has been on the books for more than 20 years, Congress has annually renewed a ban on HHS providing funding to develop or adopt a national unique patient ID.

Paul’s father, former Congressman Ron Paul, R-Texas, introduced a proposal in 1998 to restrict the use of federal funds to develop the identifier that was adopted by Congress. And such a ban has been continually renewed annually since, a statement on Rand Paul’s website notes.

In June, however, the House of Representatives approved an amendment to remove the HHS funding ban for patient IDs from its proposed appropriation bill for fiscal 2020.

”Enacting the [House] bill into law with this amendment or a similar provision would open the floodgates for a government-issued ID to be linked with the private medical history of every man, woman, and child in America,” the senator says in a statement.

”As a physician, I know firsthand how the doctor-patient relationship relies on trust and privacy, which will be thrown into jeopardy by a national patient ID,” Paul says. “Considering how unfortunately familiar our world has become with devastating security breaches and the dangers of the growing surveillance state, it is simply unacceptable for government to centralize some of Americans’ most personal information.”

The senator also notes that prior to introducing his proposed legislation, he advocated for keeping language banning federal funding for the unique health identifier in the proposed Senate version of the Labor-HHS appropriations bill, which is still pending.

Will It Gain Traction?

Supporters of lifting the ban argue that a unique patient ID could improve the accuracy, interoperability and security of health information exchange and enhance patient safety.

Some of those proponents of lifting the ban predict that Paul’s bill will not gain much traction in Congress

Because the House approved lifting the HHS funding ban, and an earlier attempt by Paul to add an amendment to kill unique patient IDs in another Senate health bill failed, Paul is “facing an uphill battle” with his latest measure, says Leslie Krigstein, vice president of congressional affairs at the College of Healthcare Information Management Executives.

On Tuesday, the same day that Paul introduced his bill, CHIME and a few other health IT industry groups hosted a “Patient ID Day” in Washington to rally support for lifting the ban.

”If patients understood the risks that they face each time they go to the doctor, they’d be astounded and be quite hesitant to seek care,” Krigstein tells Information Security Media Group.

"The 2016 National Patient Identification Misidentification Report cites that 86 percent of respondents said they have witnessed or know of a medical error that was the result of patient misidentification. This is something that should keep us up at night.”

Big Brother Worries

But some privacy advocates strongly support Paul’s legislative proposal.

”We fully support repeal of the HIPAA requirement that the federal government issue every American a national patient ID. We are grateful to Senator Paul for his strong support for patient privacy rights,” says Twila Brase, president of privacy advocacy group Citizens' Council for Health Freedom.

”Most Americans don’t know the truth about HIPAA in general, for example the fact that it’s a data-sharing rule, not a privacy rule,” she says.

“The fact that HIPAA authorizes a federal number that will make all confidential information in all electronic health records of all patients available online in a trackable, fully linked, comprehensive medical record remains unknown to most Americans.”

Previous
Cisco: Hacking Group Targets US Veterans
Next
DoorDash Says 4.9 Million Records Breached

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's HealthcareInfoSecurity.com media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.



Around the Network

Identity Security and How to Reduce Risk During M&A
Identity Security and How to Reduce Risk During M&A
Medical Device Cyberthreat Modeling: Top Considerations
Medical Device Cyberthreat Modeling: Top Considerations
Properly Vetting AI Before It's Deployed in Healthcare
Properly Vetting AI Before It's Deployed in Healthcare
Is It Generative AI's Fault, or Do We Blame Human Beings?
Is It Generative AI's Fault, or Do We Blame Human Beings?
How 'Security by Default' Boosts Health Sector Cybersecurity
How 'Security by Default' Boosts Health Sector Cybersecurity
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
How the NIST CSF 2.0 Can Help Healthcare Sector Firms
Safeguarding Critical OT and IoT Gear Used in Healthcare
Safeguarding Critical OT and IoT Gear Used in Healthcare
Evolving Threats Facing Robotic and Other Medical Gear
Evolving Threats Facing Robotic and Other Medical Gear
Transforming a Cyber Program in the Aftermath of an Attack
Transforming a Cyber Program in the Aftermath of an Attack
Protecting Medical Devices Against Future Cyberthreats
Protecting Medical Devices Against Future Cyberthreats

Continue »

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.