Project assistance

Study.Sci.House ©

study@sci.house
 <<
>>

HIPAA Disclosure to Law Enforcement

Law enforcement personnel are frequently involved in ED or acute medi­cal cases and may come into contact with transport teams. Transport teams must be appropriately knowledgeable about the information they may dis­close without violating patient privacy laws and/or HIPAA.

Investigators are not always familiar with HIPAA and its restrictions.

In some cases, there may be a conflict between HIPAA regulations and existing state laws. HIPAA supersedes the state law unless the state law is more restrictive, in which case the state law controls. It is neither feasible nor desirable to attempt to resolve these fine legal points in the acute care setting when these conflicts will impair the ability of the transport team and law enforcement to perform their respective functions. ED, transport, and police administration (and perhaps legal counsel) need to address these issues proactively to reduce the stress on officers and transport personnel.

HIPAA addresses several types of situations in which information might be requested or required from health care providers by law enforcement or public officials.

Public Health Reporting

Teams may report public health conditions required by law to a properly designated public health agency without permission or notice to the patient or representatives (45 CFR 164.512[b][i]).

Communicable Diseases

Under HIPAA, health care personnel may report a person who may have been exposed to a communicable disease or may be a carrier of a com­municable disease if the health agency has the power under the law to receive that information and track or notify the disease or condition (45 CFR 164.512[b][iv]).

Abuse or Neglect

Transport team personnel may report suspected issues of child abuse with­out permission or notice to the patient, parents, or legal representative (45 CFR 164.512[b][ii]). As mandated reporters, transport team personnel may report cases of abuse or neglect to an authorized agency to the extent that it is required by law.

They may report only the portion of information that is required by the law, with the patient’s consent to the extent required by state law.

If the patient is not competent to consent, the disclosure can be made if the health care provider believes that:

1. it is necessary to prevent serious harm to the patient or other potential victims,

2. it is not intended to be used against the patient, and

3. an immediate investigation would be compromised by waiting until the patient was competent to consent.

In these circumstances, transport team personnel must inform the patient promptly that a report was or is going to be made, unless the health care professional reasonably believes that informing the patient or legal rep­resentative would place the patient or representative at risk of serious harm or that the representative is responsible for the abuse, neglect, or injury of the patient (45 CFR164.512 [c]).

Social Media

There are more than 500 million active Facebook accounts, and many of those belong to health care workers. It is natural for a person to come home from work and want to vent about their day or share a funny story, but clini­cians must remember that they have stringent moral and legal obligations to protect patient confidentiality and privacy that may directly conflict with the candid and unguarded internet environment. It is not acceptable to share any information that would make a patient identifiable, even if the name is left out. This has particular relevance for transport personnel who often deal with high-profile events. Many workers have been disciplined or dismissed for careless online blogs or posts, and this is a relatively new issue. Clinicians must be very careful about revealing any work-related information online. The consequences can be severe.

HIPAA Compliance Requirements

• Provide written Notice of Privacy Practices to all patients

• Provide an authorization form for the release of Protected Health Information (PHI)

• Secure all written documents containing PHI at all times (in the ED, ambulance, office)

• PHI should only be given to providers directly involved in patient care unless there is a recognized exception (Communicable Diseases, Suspected Abuse or Neglect)

• Designate a Privacy Official

• Conduct and document privacy training

• Develop and put into place Business Associate Contracts

<< | >>
Source: AAP. Guidelines for Air and Ground Transport of Neonatal and Pediatric Patients. 4th edition. — American Academy of Pediatrics,2015. — 488 p.. 2015
More medical literature on Medic.Studio

More on the topic HIPAA Disclosure to Law Enforcement:

- Infectious diseases - Internal diseases - Obstetrics and Gynaecology - Pediatrics - Veterinary medicine -
- Conflictology - Ecology - Economy - Finance - History - Law - Medicine - Philosophy - Religious studies -

Study.Sci.House ©

study@sci.house