Advancements in computers and technology have affected nearly every aspect of health care. Although many of the effects of modern technology have benefited health care, a vast increase in the amount of people with access to medical information has led to numerous privacy concerns. In response to these new problems, and at the direction of Congress through the Health Insurance Portability & Accountability Act of 1996 (“HIPAA”), Health and Human Services (“HHS”) implemented the Privacy Rule. The Privacy Rule “protects privacy by regulating the ways in which certain medical information may be used by certain entities.” The constitutional right to privacy is “narrowly conceptualized” and only applies to “fundamental rights,” which are rights that are “implicit in the concept of ordered liberty.” There is a gap between the fundamental privacy rights and all other privacy rights, which are left to the states and are generally covered only by tort actions. The disclosure or use of medical information is generally not considered a violation of a fundamental right. There has also been little support behind protecting personal information through property rights. The Privacy Rule will help keep disclosure of patient information to a minimum. Although not all the affects of the Privacy Rule are yet known, it is apparent that it will help bridge the gap between fundamental privacy rights and all other privacy rights, specifically the right to the privacy of medical information.
Kevin B. Davis, Privacy Rights in Personal Information: HIPAA and the Privacy Gap Between Fundamental Privacy Rights and Medical Information, 19 J. Marshall J. Computer & Info. L. 535 (2001)