In 1996, Congress passed the Health Insurance Portability and Accountability Act(HIPPA), stipulating that federal legislators should pass the privacy measure by August 1999 (Trossman, 2003). They failed to do so, and the law required that the U. S. Department of Health and Human Services create privacy regulations, which were finally published in December, 2000, and were modified by the Bush Administration in August 2002. HIPPA set extensive Standards for Privacy of Identifiable Health Information to help guard the confidentiality of patient medical records (Stevens, 2004). As yet, the rules do not require specific technology or specific vendor solutions which would address problems in protecting individually identifiable patient information. This leaves individual healthcare institutions responsible for evaluating and justifying appropriate solutions for themselves.
However, many healthcare workers complain that the regulations are too complicated and are subject to interpretation (Trossman, 2003). A speaker at a meeting of the Radiological Society of North America (RSNA) a speaker pronounced that HIPPA was ôthe most confusing and anxiety-provoking nightmare to affect radiology in the United States in the past 100 yearsö (Harvey, 2004). PACS and radiology information systems (RIS) vendors have engaged in proactive planning. It is proposed that customers meet with vendors to identify needs and strategies to ensure patient confidentiality and security, collaborating to develop new software for this specific purpose.
For radiology departments, security and privacy are the elements of HIPPA which are most relevant (Harvey, 2004). These are important in the use of computer-based patient records, the electronic delivery of information, and the remote sharing of health information. HIPPA will have a critical impact on RIS and PACS because they deal with patient information. Severe penalties can be levied for non-compl...