Dr. Eddy inquires, through a detailed analysis of relevant statutory provisions, whether it is likely that the HIPAA legislation or the Standards for Privacy of Individually Identifiable Health Information Regulations (SPIIHI) proposed by HHS will efficiently and cost effectively defend the privacy issues they were intended to safeguard. His paper critically analyzes the extremely broad and expensive course of action and tactics HHS has chosen to employ in this effort to determine whether HHS' proposal is an efficient use of health care dollars. To introduce his analysis, Dr. Eddy addresses the general concept of medical privacy and attempts to define what aspects of privacy that HIPAA and SPIIHI should protect. He challenges whether the proposed regulations are focused on existing problems and whether HHS has exceeded legislative mandates.

First Page