HIPAA's no absolute guarantee of medical privacy

HIPAA's no absolute guarantee of medical privacyFrom Government Health IT:

In what could be a landmark ruling, the Ohio Supreme Court has decided that the state'Â’s open records law supersedes the federal Health Insurance Portability and Accountability Act's privacy protections for medical records.

The decision may be the first in the country concerning a conflict between a state's open records law and HIPAA was at issue, attorney John Greiner said. He represented the Cincinnati Enquirer newspaper in its successful suit to compel the city to release information about landlords and homeowners cited for lead paint violations.

The health department'Â’s violation notice states that a child with elevated levels of lead in his or her blood lived in the house. The department argued that victims of lead paint poisoning could be identified once their addresses were made public.

I can see a compelling need to report lead paint violations to the government, but it is not clear that releasing the information in a way that allows individuals to be identified is wise. One can imagine a company merging the lead paint information with Google map information and an address book database to produce a map of a neighborhood, allowing anyone to zoom down and identify individual houses with lead paint violations and even the names of the kids.

Thanks to Mickey for the tip.