YES One of the positive things about the Health Insurance Portability and Accountability Act of 1996 (HIPAA) is that the statute outlines a set of minimum national requirements that people can follow. The statute makes it possible for vendors, the health care information technology industry, medical

Previously, there were multiple interpretations for health privacy, multiple interpretations for health security and multiple interpretations of how to exchange information between doctors and health plans. Now there is a set of national standards in those areas.

HIPAA will make the health care industry more like the banking industry, in which electronic data interchange occurs for fractions of a penny per transaction. That is largely a result of those transactions being standardized. The federal government is now enforcing that kind of efficiency in the health care system.

In the short run, HIPAA may be significantly disruptive, but in the long run it should lead to very significant savings for all of the major players. But it's not always easy for physicians to see those savings, and it's hard for physicians to think in the long term because they're focused on the short-term problems they have with reimbursement.

Although HIPAA contains some helpful elements, one major problem is on the horizon--the Oct. 16 deadline by which all practices will have to have in place the new electronic data standards for the transmission and exchange of information with health plans, including Medicare. It is also the deadline after which Medicare will no longer accept paper claims.

Unfortunately, most physicians still seem to think that vendors and clearinghouses have taken care of the compliance issues, and many of them appear not to have. So the worry is that claim rejection rates for electronically submitted claims could increase significantly after Oct. 16.

But overall, HIPAA has really raised the consciousness level among all the various stakeholders with regard to how information technology can improve the quality of patient care, lead to greater efficiencies, and give patients better service. It has also brought to the surface many knotty problems that have to be solved first, such as how are physicians going to be able to afford more information technology in these difficult financial times.

Patients are very angry that their mechanic knows more about them and their car than the hospital knows about them as patients. But this is a tough transition; it can't be done if the cost is so high that the average physician isn't able to do it.

NO HIPAA is one of the least aptly named regulations ever written. As a privacy regulation, it fails utterly. Any federal bureaucracy can access your medical records under HIPAA at will, without your permission and without your knowledge.

Further, HIPAA was intended to prevent the kinds of abuses we were seeing from insurance companies in which they were selling lists of patients and their medical conditions to pharmaceutical marketing companies.

HIPAA will prevent that, but it won't prevent pharmacies from continuing to sell this information.

And the law was also broadened to apply to physicians, not just to people perpetrating the abuse.

People say that this regulation is scalable. But how many "HIPAA police" are there? About 34 for the entire country. Is HIPAA really going to be enforced by the federal government? No, although the government may pick out a few high-profile examples and take them to court.

The trial lawyers are going to be the ones who are really enforcing HIPAA; this is a way for trial lawyers to sue you for revealing medical data about patients.

HIPAA also will be expensive. It's going to cost about $40,000 for my wife's solo practice to comply with HIPAA, and about $100,000 for my seven-person practice. That money will go to buy shredders, lockable cabinets, training, all the manuals, and to pay our employees to get trained to comply. That also includes all the time and effort we're going to have to invest to find out whether the people we're dealing with are also complying.

There is one good piece of legislation in HIPAA, and that's the transaction standards.

They make the transactions between you and the insurance companies standard, so there are no longer separate forms and separate rules for Blue Cross and Medicare and United Healthcare. That is the only good part about it.

But it comes at a time when doctors' offices are strapped for cash and strapped for time, and this is another unfunded government mandate--you have no choice but to comply with the transaction standards.

For me, HIPAA is the straw that broke the camel's back. I've decided to leave my current practice and open a solo practice, and I'm not accepting any insurance. I'm going to a cash-only business; I'm going to tell the insurance companies and Medicare to go to hell. And I'm only going to charge $55-$85 for an office visit. Since I won't be billing anyone electronically, I won't be required to comply with HIPAA.

Dr. David Kibbe is

director of health

information

technology at the

American Academy

of Family

Physicians, in

Leawood, Kan.

Dr. Richard

Sacks-Wilner is

an internist in

private practice in

Mendocino, Calif.