HIPAA does not prevent a provider from sharing protected health information (PHI) with a patient’s friends and family if, using professional judgment, the provider decides it’s in the patient’s best interest, the Office for Civil Rights (OCR) reminds providers in new tools.
In fact, in cases where a patient presents an imminent threat to himself or others, professional rules may require that disclosure, OCR says in a new presentation,
Patient Privacy: A Guide for Providers.
“HIPAA does not stand as a barrier in the absence of a patient’s consent,” OCR Director Leon Rodriguez said during a hearing of the Energy & Commerce Committee’s Oversight and Investigations Subcommittee on April 26.
It’s clear from testimony given during the hearing that provider misunderstanding of HIPAA rules and obligations can impede patient treatment. Family members who have struggled to obtain information about loved ones testified that the privacy laws were
cited by providers inappropriately. Testimony also was given by Jan Thomas, whose husband was murdered after a mentally ill man who had tried to break into a home was released from a hospital, which cited HIPAA as the reason it didn’t alert law enforcement.
OCR announced April 29 several new tools to educate providers and
consumers, including fact sheets, videos and
presentations with slides. Make sure your providers check out the new
tools via the Medscape website and share a copy of the consumer information with your patients.
Another way to make sure your providers are well educated in HIPAA regulations is to subscribe to
Medical Practice Compliance Alert, which covers the privacy and security rules and changes.