Patient privacy and security are at the center of the recent Supreme Court case Gobeille vs. Liberty Mutual Insur. Co. The case will determine whether states have the right to access patient information obtained by self-funded insurance providers.
On September 3, the Association of American Physicians and Surgeons (AAPS) filed an amicus brief with the Supreme Court advocating in favor of patient data privacy, according to a press release.
As reported by HealthITSecurity.com, the case, which directly involves Vermont and Liberty Mutual Insurance, was originally tried in the Second Circuit, a federal appellate court. While Vermont claims that obtaining this sort of patient information allows it to monitor unnecessary procedures and make improvements in the statewide healthcare system, others argued that the information sharing posed a risk to patient health data security and violates the Employee Retirement Income Security Act (ERISA).The Second Circuit ruled in favor of Liberty Mutual Insurance, stating that patient privacy trumped any case that Vermont may have had.
“Vermont requires ERISA plans to record, in specified format, massive amounts of claims information and to report that information to third parties, creating significant (and obvious) privacy risks and financial burdens,” the Second Circuit ruled.
Vermont presented an appeal to the Supreme Court, and the Supreme Court granted a writ of cert, meaning that it agreed to hear the appeal.
In response to that action, AAPS filed an amicus brief with the Supreme Court emphasizing the importance of patient privacy in this case.
“Privacy of patient medical records cannot be protected in these massive government databases,” writes Andrew Schlafly, AAPS General counsel. “Hacking is widespread, and studies have shown that it is easy to re-identify patients even after many personal identifiers are removed.”
AAPS also maintains that the healthcare industry – not individual states – is better equipped to make changes to healthcare costs and effectiveness. In fact, AAPS notes, industry leaders will be able to make these changes in such a way that does not invade patient privacy.
“The medical profession can do a far better job of reducing healthcare costs, without invading patient privacy, than States can do in violation of it,” AAPS writes in its brief.
A recent article by HealthITSecurity.com explained that this case will ultimately be deciding the rights states have when it comes to making overarching changes to healthcare costs and implementation. However, health data security and patient privacy will be major considerations for the Supreme Court when coming to a decision.
The decision may also call into question various aspects of HIPAA regulations. Current HIPAA regulations state that PHI can only be shared between entities when both have had, either presently or in the past, a relationship with that particular patient. This case may potentially cause policymakers to reexamine that portion of HIPAA if Vermont is indeed granted the right to data collection.
Sign up to receive our newsletter and access our resources