Legislation protecting the privacy of medical records gathered momentum when Rep. Gary Condit (D-CA) introduced the Health Information Privacy Act of 1999 (HR-1941) last week. His new bill will protect the health and medical records of adults and children from unauthorized disclosure, as well as allow state governments and the Secretary of Health and Human Services to adopt such “additional protections” as they see fit.
It’s the second time in three months a bill to protect the privacy of medical records has been introduced in the House. In March Rep. Edward J. Markey (D-MA), who cosponsored the measure with 32 others, introduced similar legislation, the Medical Information Privacy and Security Act (HR-1057) as a companion to a bill by the same name (S-573) introduced in the Senate by Senator Patrick Leahy (D-VT).
Although Condit’s bill mirrors Markey’s measure in many ways, it would make it a federal crime for any one to disclose the medical, mental and physical health records of an individual without permission. Violators face a minimum fine of $10,000 and a prison term not to exceed 10 years. The bill also authorizes anyone whose medical privacy has been breached to sue for compensatory damages of up to $5,000 and unspecified punitive damages for each unauthorized disclosure.
Privacy advocate Robert Ellis Smith called Condit’s bill “the most progressive of the medical privacy protection bills introduced thus far in Congress as it does not pre-empt states, which largely regulates the medical profession, from instituting tighter controls over a person’s medical information.”
Smith, publisher of the Providence, RI-based Privacy Journal, also praised Condit for including the head of the Department of Health and Human Services in the mix because of the agency’s involvement in medicine through the Health Care Financing Administration (HCFA) which oversees the nation’s Medicare program.
