Skip to Content

Why the HIPAA Privacy Rules Would Not Adequately Protect Personal Health Records

This brief explains why the HIPAA Privacy Rule, in its current format, would provide weak privacy protection for personal health records (PHRs) offered by employers and Internet companies. The brief argues for stronger protections regarding marketing and commercial uses of information in PHRs and advocates for the Federal Trade Commission (FTC) to be involved in developing and enforcing those protections.