Second Thoughts in Congress on Preempting State Patient Privacy Laws

At least 1 key member of Congressseems to be backing away from the needfor a federal patient information privacystandard, which is anathema to mentalhealth groups. After hearings in a HouseEnergy and Commerce subcommitteeon March 16, a spokesman for RepNathan Deal (R-Ga), subcommitteechairman, said the congressman washaving second thoughts about preemptingstate patient information privacylaws. Deal and Rep Nancy Johnson (RConn),chairman of the Ways and MeansSubcommittee on Health, are the cosponsorsof HR 4157, which wouldallow the Secretary of the Departmentof Health and Human Services (HHS)to establish a national privacy standardthat would preempt state laws, many ofwhich give considerably more protectionto mental health information thanthe Health Insurance Portability andAccountability Act (HIPAA) does.

Todd Smith, deputy staff director toDeal, stated that in the aftermath of thehearings, the congressman is rethinkingsome portions of his bill. "His 2main concerns are that patient privacyis protected and that Congress doesn'timpede technology development,"Smith said. The implication is that Dealmay soften the bill's direction to theSecretary of HHS to come up with anational health information privacy standardthat would preempt stronger statelaws.

HIPAA's current privacy standardcan be trumped by state laws. That standardallows physicians, hospitals, andother providers to pass along a patient'sconfidential medical information forpurposes such as treatment, payment,and health care operations. That provisioncurrently can be superseded bytougher state laws. In addition, HIPAAdoes make an exception for psychotherapynotes. These cannot be disclosed ifthey are kept out of a patient's generalmedical records, according to James Pyles, the Washington representative ofthe American Psychoanalytic Association,who testified at the hearings.

Pyles said his group and other psychiatricand mental health organizationsthat are members of the Mental HealthLiaison Group oppose legislation thatwould allow the HHS Secretary to seta privacy standard that would overrideall state laws—especially a secretary inthe Bush administration, which, accordingto Pyles, "has not been a privacyfriendlyadministration." He added,"It is almost a sure thing that the secretarywould recommend preemption ofstate law."

The House bill directs the Secretaryof HHS to study and report to Congresswhether pertinent state laws and currentfederal standards should be conformedinto a single set of national standardsto preserve and protect the security andconfidentiality of patient health information.It then amends the SocialSecurity Act to "provide for establishmentof uniform confidentialityand security standards with respect toindividually identifiable patient healthinformation."

The Senate passed a bill (S 1418)last November that is significantlydifferent from HR 4157. It creates afederal/private sector group calledAmerican Health Information Collaborativeto recommend to the HHSSecretary uniform national policies tosupport the widespread adoption ofhealth information technology, includingthe protection of health informationthrough privacy and securitypractices. However, the Mental HealthLiaison Group believes this Senate billalso would lead to erosion of privacyprotections.