HIPAA marks 25 years as we revisit the relationship between consumers and the health information they share
Looking back at the major legislations that have transformed healthcare in the United States, the Health Insurance Portability and Accountability Act is an indisputable giant.
Break out the birthday candles—HIPAA turned 25 this year. And we’re taking a moment to revisit its evolution over the last quarter century.
It’s a good moment, too, to revisit the relationship between consumers and the health information they choose to share by taking a look at the results of a November 2020 Pulse Point Consumer Perceptions survey on the Consumer Health Data Value Exchange.
HIPAA celebrates 25 years
As the first national health privacy law in the U.S., HIPAA was enacted on August 21, 1996 when President Bill Clinton signed the legislation with a primary purpose of protecting the continuation of health care coverage for people who had lost or changed jobs.
What HIPAA did then and still does today is to simplify the administration of health insurance and provide coverage to employees with pre-existing conditions.
And while change has hardly come at a rapid pace, HIPAA has continued on its steady course of evolution from then to now.
How HIPAA has evolved in the years since its inception
For healthcare marketers, HIPAA today is most likely associated with the HIPAA Privacy and HIPAA Security rules.
They came into compliance in 2003 and 2005 respectively and have shaped national standards when it comes to protecting the medical records of individuals as well as other personal health information and its transmission and storage.
The HIPAA Security rule compliance, in particular, is designed to keep patient data safe through administrative security, physical security and technical security considerations.
In 2009, HIPAA’s HITECH act (Health Information Technology for Economic and Clinical Health Act) led to the adoption of electronic health records that helped to improve the privacy and security of healthcare data. Then in 2013, the HIPAA Omnibus Rule introduced new requirements to the HITECH act.
And while the Covid-19 pandemic in 2020 and 2021 did not bring changes to HIPAA Rules and requirements, the Office for Civil Rights announced three Notices of Enforcement Discretion that allow the waiving of penalties and sanctions for certain HIPAA violations during the current national public health emergency.
Understanding what consumers consider a fair exchange for their health information
HIPAA’s ongoing evolution aside, for healthcare marketers, one of the most important things to understand about consumers and their relationship with their health information is what they consider to be a fair exchange of value.
Taking a look at findings of a November 2020 PulsePoint Consumer Perceptions survey from a sampling of 1,264 respondents across age, income, gender and education bands in the U.S., it's possible to glean some valuable insight.
Overall, the survey’s responses point to two equal but opposite forces at work today. The availability of health data is becoming both more and less available at the same time—all while the government and industry continue to determine how we can and cannot use it.
As the world becomes more data-driven, the important thing to understand for marketers is where consumers draw the lines.
One of the most important takeaways from the survey comes in comprehending how and to what extent consumers support being targeted with relevant information about health products and services, without having to go to the doctor.
And while consumers definitely have an appetite for this information, according to survey results, notifications they get based on their clicks and searches are seen as less favorable.
In short, people want value and are willing to share certain health information to get it—but there’s an intangible line they won’t cross for whatever value we’re promising.
Understanding what kind of value justifies the sharing of health data for customers
Survey respondents pointed to two “no-brainer” situations in which they would support sharing access to their health data—those are drug interaction management and access to personal health information in the event of an emergency (for example, to prevent an ER doctor from making a potentially dangerous decision about a patient in a coma due to lack of information).
Particularly important to marketers, the survey showed that certain motivational incentives and discounts can help customers justify increased sharing of personal health data.
More than half of respondents (53 percent) said they would share their data with their insurance company in order to receive a meaningful discount.
But when it comes to changing behaviors to receive discounts, there is markedly more reticence.
Only 39 percent of survey respondents said they would take on required healthy behaviors intended to improve their health in order to receive discounts.
Consumers remain risk-adverse when it comes to sharing health information—proceed with caution
Among the biggest risk factors respondents see when it comes to sharing their data are fears of it falling into the wrong hands and leading to discrimination and fears of it being used for exploitative commercial purposes.
The overall takeaway from the survey is that healthcare marketers should proceed with accelerating data innovation—but in a cautious and informed manner.
Consumers are well aware of the fine line between receiving a service ad being exploited.
It’s important to frame use of consumer data as a value to the consumer instead of as a value to the healthcare professional or system.
The savviest marketers moving toward a greater reliance on 1st party data will succeed at communicating and educating consumers about new products and technology that roll out while remaining clear about what data is being saved and why.
Above all, it’s vital to effectively communicate how the sharing of health information directly benefits the consumer who is willing to share.