HIPAA and outdated communications devices can make it harder to deliver effective patient care, according to a survey of physicians, hospital administrators and IT pros.

The survey by the Ponemon Institute is based on responses from 577 healthcare and IT professionals in organizations that ranged from fewer than 100 beds to more than 500.

Fifty-one percent of respondents say HIPAA compliance requirements can be a barrier to providing effective patient care. Specifically, HIPAA reduces time available for patient care (according to 85% of respondents), makes access to electronic patient information difficult (79%) and restricts the use of electronic communications (56%).

HIPAA, which was signed into law in 1996, protects health insurance coverage for workers and their families when they change or lose their jobs and has a strict set of privacy standards with regards to electronic healthcare transactions.

Ed Ricks, CIO of Beaufort Memorial Hospital in South Carolina, said HIPAA often creates barriers to accessing vital patient information because of an "over interpretation" by clinicians.

"I think HIPAA has the right intent. But, let's face it, we're probably the most regulated industry in the world," said Ricks, who took part in the survey. "...Yes, there are things you have to do to be compliant, but everything else is just managing risk. It's about how you balance workflow and efficiency with security."

Fifty-nine percent of the respondents cited the complexity of HIPAA requirements as a major barrier to modernizing the healthcare system.

"Overwhelmingly, respondents agreed that the deficient communications tools currently in use decrease productivity and limit the time doctors have to spend with patients," the study said. "They also recognized the value of implementing smartphones, text messaging and other modern forms of communications, but cited overly restrictive security policies as a primary reason why these technologies are not in use."

The transition from paper-based to electronic medical records (EMRs) was meant to improve efficiency and patient care. But it also has the potential to add new privacy risks, so IT departments must ensure that new systems meet security and compliance requirements to protect private information.

Clinicians in the survey estimated that only 45% of each workday is spent with patients; the remaining 55% is spent communicating and collaborating with other clinicians and using EMRs and other clinical IT Systems.

Ponemon survey results from 577 healthcare professionals (source: Ponemon Institute)

Ricks said he often hears from frustrated physicians who are trying to adapt to new technologies at the cost of time with patients. "I have no good counterargument. Any moment you waste because of the technology, you're not going to get that back," he said.

Because of the need for security, hospitals and other healthcare organizations continue to use older, outdated technology such as pagers, email and facsimile machines. The use of older technology can also delay patient discharges. It now takes, on average, 102 minutes to be discharged. About 37 minutes is spent waiting for doctors, specialists or others to respond with information necessary for a patient's release.

The Ponemon Institute estimates that the lengthy discharge process costs the U.S. hospital industry more than $3.189 billion a year in lost revenue, with another $5 billion lost through decreased doctor productivity and the use of pagers and other outdated communications technologies.

Sixty-five percent of respondents believe secure text messaging could cut discharge time by 50 minutes.

According to the study, clinicians waste an average of 46 minutes each day due to the use of outdated technologies. The primary reason is the inefficiency of pagers (as cited by 52% of survey respondents), followed by the lack of Wi-Fi availability (39%) and the inadequacy of email (38%).

The study was sponsored by Imprivata, a healthcare security software and services company.

This article, HIPAA is barrier to efficient patient care, was originally published at Computerworld.com.

Lucas Mearian covers storage, disaster recovery and business continuity, financial services infrastructure and healthcare IT for Computerworld. Follow Lucas on Twitter at @lucasmearian, or subscribe to Lucas's RSS feed . His e-mail address is lmearian@computerworld.com.

See more by Lucas Mearian on Computerworld.com.