The IRS Scandal: Implications for HIPAA and the Affordable Care Act

As my head reels at the implications of the IRS scandal mushrooming in Washington, the IRS’s recently disclosed ability to access e-mails without warrant, the intricacy of the NSA PRISM wiretap techniques that includes their ability to acquire tech firms’ digital data, and even the Justice Department’s ability to secretly acquire telephone toll records from the Associated Press, I wonder (as a doctor) what all this means for the privacy protections afforded by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in our new era of mandated electronic medical records.  Are such privacy protections credible at all?

It doesn’t seem so.

Now it seems everyone’s health data is just as vulnerable to federal review as their Google search data.  This is not a small issue.  We have already seen that discovering “leaks” of personal health information has produced some very handsome rewards for the feds, so it is not beyond reason to think that HIPAA might also be a funding tool for our government health care administration disguised as a beneficent effort to protect the health care data of our populace.

But even more concerning is the role the IRS scandal has for America’s health care system.  After all, the Affordable Care Act is ultimately funded by the IRS by administering some 47 tax provisions.  These include the right to levy a penalty against businesses and individuals who don’t provide or acquire insurance and determining how to distribute annual subsidies to 18 million people who make less than $45,000 a year and thus qualify for subsidies in buying health coverage. In addition, the agency will collect taxes on medical devices and a surtax on people making more than $200,000 a year, as well as conducting compliance audits of tax-exempt hospitals.

We are left to wonder: given the IRS’s recent actions in favor of one political party, could other aspects of our evolving health care system be similarly politically targeted?  What if the government agencies turn a disapproving eye on physician-run hospitals or independent concierge medical practices?  What if the market place emergence of a two-tier health care system is systematically crushed?  For these types of concerns we instinctually rely on a fair, beneficent government, but these latest revelations challenge that assumption.

To the political class, the ends always justifies the means.  Now, we’re seeing that the means includes stealth digital tracking, e-mail browsing, and wiretaps.

Health care data protection by HIPAA?


We should think about the far-reaching implications of what we’re seeing from our government agencies as we turn the reins of health care financing over to them lock, stock, and barrel.  Perhaps Peggy Noonan said it best:

What does it mean when half the country—literally half the country—understands that the revenue-gathering arm of its federal government is politically corrupt, sees them as targets, and will shoot at them if they try to raise their heads? That is the kind of thing that can kill a country, letting half its citizens believe that they no longer have full political rights.

Those who think this is just business as usual are ahistorical, and those who think nothing can be done, or nothing serious should be done, are suffering from Cynicism Poisoning.

In the blink of an eye, HIPAA privacy protections now seem small.

Very, very small.

Addendum: Thanks to @BillHart46 for pointing me to this: Suit Alleges IRS Improperly Seized 60 Million Personal Medical Records.

Westby G. Fisher, MD, (aka Dr. Wes) is a board certified internist, cardiologist and cardiac electrophysiologist practicing at NorthShore University HealthSystem in Evanston, IL. He is also a Clinical Associate Professor of Medicine at the University of Chicago’s Pritzker School of Medicine. He blogs at Dr.Wes, where this post originally appeared.

5 replies »

  1. There is so much corruption and power grabbing. Where do I start? You said it best, with one revision.

    HIPAA is for the hospitals and workers there who are so busy with their faces buried in computer screens clicking in orders, that they hide behind HIPAA in order to refuse to take the time to talk to loved ones about their sick relative. Despicable.

    As for the IRS surveillance for PPACA, eerily scary, as is the Feds surveillance of you and me on calls and internet.

    Freedom is evaporating, and Osama is laughing at Obama.

  2. Please add the IRS overreach of retroactively legislating (in clear violation of the plain wording of the Act) by IRS internal ruling that subsidies are available to federally established exchanges. Couple that with the IRS determining there is a tax on individuals and smaller employers in states with no state established exchanges, which is clearly contradictory to the plain wording of the Act and the stated intentions of those crafting the Act. But hey, what’s 60,000,000 medical records and $800,000,000,000 in new illegitimate taxes among friends.
    The administration and democrat controlled congress knew they needed the states to establish the exchanges since there was not enough time or money for the feds to do so. (Side note, PPACA allocated $1 billion for establishing exchanges. California has already spent over $1.1 billion on theirs alone and has made the details secret). Since they could not require the states to do so, they offered the “carrot” of subsidies to states that did and the “stick” of no subsidies to the states that did not set up an exchange. Now, 30 plus states are not setting up exchanges. What to do? That’s right, have a hundred or more meetings with the IRS commissioner to explore the idea of the IRS simply determining on their own, in violation of the Act and the Constitution, that they will administer a tax not passed by congress and rewrite the legislation outside the legislature. Your money or your health…

  3. Massachusetts physicians are concerned about an amendment to a state law that would require them to show proficiency in the use of electronic health records (EHRs) sufficient to meet the federal Meaningful Use criteria — or risk losing their medical licenses in 2015. And the IRS will know who that is too.