Besides, common sense is not at all common. - one's idea common sense is may be anothers money sink. Security is expensive. Compound that with the fact that your medical information is no longer held all in one place. One's medical insurance provider may keep information confidential, but what about the vendors that it may use for billing, reading MRIs, etc.? How about subcontractors that the contractors use - some of which are in foreign countries? All of them have access to the same information - do they all follow the same confidentiality guidelines? Or the same laws?
I'm not saying that HIPAA is ideal, but there must be a standard of privacy and confidentiality that is independent of the organizations that hold the data all have to be held to. It's not a matter of trust, it's a matter of assuring that patient confidentiality is sacrosanct and that everybody is kept to that standard.
Oh, yes. I have. And they are even more disfunctional than the Federal Government.
I'm a Californian. California, like Congress, has two factions that are completely unwilling to let the other do anything that would be viewed in a positive light. As for local government, San Francisco, where I live, is only governable when the various factions within city and county are equally balanced against each other.
A successful [software] tool is one that was used to do something undreamed of by its author. -- S. C. Johnson