Jim Harper over at CATO @ Libertysardonically points out that in a recent enforcement action against Cignet Health for violations of the Health Insurance Portability and Accountability Act (HIPAA), the U.S. Department of Health gave a 3:1 fine. Three parts of the fine were for peeving the Dept of Health, 1 part of the fine was for the patients whose rights were violated.
That’s about par for government. The real violation wasn’t refusing to give access to health records, it was willfully disobeying government. Thinking about that, however, the question comes to mind: without government to enforce this, how would people in an anarchistic society avoid the same kind of privacy-violating actions of a health insurer (or any other medical entity)?
The answer already exists in our current pseudo-free market system. They’re called Personal Health Records (PHRs). A PHR is owned and controlled by the patient or their appointed representative.
The idea is pretty simple and PHRs are provided by a lot of companies now, the more prominent being Google Health, Microsoft’s Health Vault, and an independent company called MedeFile. People open a PHR account and give them a list of your past medical providers along with limited power of attorney to request health records on their behalf. They compile these into a PHR and from then on, new health information is updated automatically or can be added by the patient, their physician, or anyone else to whom the owner of the PHR gives access.
The system can be used to give a doctor, spouse, caregiver, or whomever, access to all or specific parts of the PHR, as needed. There are even smart phone apps and the ability to download to portable devices (or print) for backup.
That is one solution that already exists that would work well in a world without government.