What Does The HIPAA 'Marketing' Provision Mean To Consumers?
How do you feel about your pharmacist or physician maybe being paid to have others send you marketing messages or drug promotions?
While many consumer and privacy advocacy groups have been vocal about the Health Insurance Portability and Accountability Act's marketing rules, the consumer pick-up has been minimal. How do you feel about your pharmacist or physician perhaps being paid to have others send you marketing messages or drug promotions? Does it make any difference if they can do it under your pharmacist's or physician's name? Are you worried that your pharmacy might be sending you alternative drug-therapy recommendations without informing your physician? Or does the convenience of learning about alternative therapies or being reminded to renew your prescriptions outweigh your concerns?
Do you trust a contractor who has entered into an agreement not to divulge your personal health information not to betray that trust? Do you trust them more than if the drug manufacturer itself had possession of that information and agreed not to share it further?
Did you even know about this practice? I didn't. When I first learned about The Privacy Rights Clearinghouse's litigation (see "Albertsons Sued Over Customer-Data Privacy ), I was appalled that a drugstore chain would market to their customers, allowing the drug manufacturers to deliver their messages couched as the pharmacists themselves. I was certain that HIPAA covered this and started making some phone calls to health-care privacy experts I knew. That's when I found out about the changes in the HIPAA rules since I had last researched this issue. The more I learned, the more shocked I became. After a careful review of what was going on, I decided I still wasn't happy about receiving unsolicited marketing material--of any kind. (Interestingly enough, the younger generation appears less shocked: my 25-year old daughter says she's not surprised to see a pharmacy behaving as a retail provider engaged in marketing efforts, rather than as a health-care provider.)
Yes, I would like to get a reminder of a prescription refill, or suggestions about new medications or treatment options. But I want to know that my health-care personal information is secure and private--that it's not being shared with marketers. I also want to know that any communications I receive from my physician or health-care provider are based on my best interests, not how much they're paid to market products and services to me.
So, is this a privacy issue? Or is this a fiduciary and professional level-of-care issue? You decide. But the more we know about how things work, the more we can make that decision for ourselves. It makes the difference between throwing these communications in the trash or acting on them. You decide.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.