HIPAA is actually a good idea, I didn't understand what it was before but

after reading its explanation and purpose in a "Privite Insurance Crash Course" released by the Henry J. Kaiser Foundation (no affiliation to the HMO), I think its a good idea.

Though I'm not sure why the ultra secrecy on health information was the major consequence from it, I'll have to read more on it.

But HIPAA is essentially consumer protection legislation to protect people who have lapses in insurance coverage between jobs, or switching from employer provided insurance to private individual coverage. It prevents employer insurance discrimination based on health status, and reduces the amount of time a newly enrolled policy holders can be denied covergage of "preexisting conditions" when the sign on to a new plan.

Its a good idea, I know health professionals complain about it, but consumers should be glad that legislation like this is in place.

that HIPAA, which is a wide ranging bill, was a good thing overall. The bill essentially did three things:

1) Mandated certain insurance reforms, such as COBRA, pre-existing condition carryover from one policy to another, etc. This portion was/is a good thing.

2) Mandated standardized codes and forms/electronic transactions for all health insurance claims. This is also regarded as a good thing (previously every insurance company would have slightly different codes, and often the same insurance co. from region to region).

3) Required data security minimums for storage of medical information -- things such as files kept in locked offices, etc. This was good.

4) Enacted legislation regarding the dissemination of "Private Health Information". The result of this legislation is a bad thing.

-- it requries doctors/hospitals to turn over medical records to the SS or DHS on request if for "national security" purposes

-- it essentially provides no protections for the patient. If you look at the HIPAA notice of information from most practices -- especially hospitals -- the loopholes are so large you can drive a mack truck through it.
Can release any info to another health provider for treatment
Can release any info to anyone for payment
Can use data for research if approved by an Instiutional Review Board
Can use the data in any way needed for "health care operations".
The disclosure log that the provider must keep is exempt from the above.

The exemptions are much broader than they ever were under most state laws, espcially the disclosure for treatment and payment purposes. The log is nice I guess, but it will only have releases that you have signed anyway. One possible advantage is that you have the right to see your medical records -- which you pretty much always did. The exception to this, as always, is if two providers (usually physicians) decide that seeing the data would harm you.