This article argues that HIPAA legislation has a severe flaw within its architecture, which has compromised patient privacy. Although the drafters of the legislation recognized the importance of providing comprehensive federal legislation to improve regulatory uniformity amongst states, they failed to recognize the importance highly specific ("granular") technical requirements play in facilitating improved privacy for patients. HIPAA rules surrounding technology implementation give too much latitude to covered entities, and as a result, provide inadequate protection to protected health information. HIPAA rules should be amended to mandate baseline technical ("granular") standards to ensure uniform efficacy in the safeguarding of protected health information.
Northern Illinois University Law Review
"How the Lack of Prescriptive Technical Granularity in HIPAA Has Compromised Patient Privacy,"
Northern Illinois University Law Review: Vol. 30:
3, Article 5.
Tim Wafa, How the Lack of Prescriptive Technical Granularity in HIPAA Has Compromised Patient Privacy, 30 N. Ill. U. L. Rev. 531 (2010).