Why the HIPAA Regulations Are Unconstitutional

In the Health Insurance Portability and Accountability Act, Congress invited the Department of Health and Human Services to propose standards for the privacy of health care information, then to just go ahead and promulgate them if Congress did not act. This violated the constitutional requirement that Congress alone exercise legislative power. Under the "non-delegation doctrine," the HIPAA regulations are likely void.

In an article for BNA's E-Health Law & Policy Report, Washington, D.C. attorney William G. Schiffbauer has articulated the unconstitutionality of the HIPAA regulations in detail. Under long-time Supreme Court precedents such as Panama Refining Co. v. Ryan, 293 U.S. 388 (1935), and A.L.A. Schechter Poultry Corp. v. United States, 295 U.S. 495 (1935), as well as the recent Line-Item Veto case, Clinton v. City of New York, 524 U.S. 417 (1998), Congress can not give away its legislative authority. This rule against delegation requires elected officials in Congress to take responsibility for the federal government's policies. It is a key protection for accountability and the democratic process.

In Loving v. United States, 517 U.S. 748 (1996) the Supreme Court held that statutes passed by Congress must set out an "intelligible principle" to guide courts and agencies. It is plainly impossible for the HIPAA law to meet even this low threshold because Congress asked HHS what the principles guiding health privacy policy could be.

Links:

Comments? comments@privacilla.org (Subject: HIPAADelegation)

[updated 02/27/01]