In a paper published in the Archives of Internal Medicine, researchers from the University of Michigan Cardiovascular Center report how their research on heart attack care has been hampered by the national medical privacy regulations under a law known as HIPAA, which took effect two years ago last month.
In all, they write, the changes needed to comply with HIPAA have led to a drastic drop -- from 96 percent to 34 percent -- in the proportion of heart attack survivors and chest pain patients who take part in follow-up surveys after they leave the hospital. The changes have also dramatically increased in the cost of performing the surveys, and skewed the data because certain kinds of patients are more likely to agree to participate.
Post-hospitalization surveys are crucial to helping quality-minded hospitals like U-M assess and improve their care. Patients' names and other identifying details are removed before their information is entered into a database. Doctors can use the database to find out what treatments and preventive measures help patients most, and what factors worsen their chances. This information helps doctors improve care at their own hospital, and can be shared with others to help them improve too.
But HIPAA's current language requires that even quality-improvement research using anonymous data requires a written authorization from patients before their medical records can be reviewed and before they can be contacted for follow-up phone surveys. HIPAA stands for Health Insurance Portability and Accountability Act.
The patient permission forms must comply both with the privacy regulations and another set of federal laws governing research -- which means they are often several pages long and compli
Contact: Kara Gavin
University of Michigan Health System