WASHINGTON Financial services industry representatives played down a sweeping privacy regulation that the Clinton administration issued Wednesday but warned that, if it is not enforced properly, it could affect their access to customer health information.
The regulation, which takes full effect Dec. 28, 2002, would require that doctors, hospitals, health insurers, and other medical providers disclose their privacy policies and get explicit permission from patients an opt in before sharing medical information with another entity. Banks are not covered by the rule, which applies only to businesses regulated by the Department of Health and Human Services.
A general patient-consent form authorizing medical treatment includes a provision that allows for information to be transmitted to insurance companies and banks for payment purposes, according to the agencys summary of the regulation.
However, medical providers would have to get separate permission from patients to release information to financial institutions for mortgage and other lending decisions or to market insurance products.
Health insurance companies should not be able to share records with mortgage companies who might be able to use them to deny you a loan. That actually happens today, but under these rules, it will be illegal., President Clinton said at a ceremony unveiling the regulation.
Despite payment procedures included in the general patient consent, industry representatives are concerned that the regulation could inhibit the flow of customer information from doctors and hospitals to banking and insurance companies, which use it for such purposes as underwriting and claims processing.
To the extent that the payment system is interwoven, it could have direct implications for banks and processing," said Joe Belew, president of the Consumer Bankers Association.