The US Department of Health and Human Services recognizes that medical providers play a vital role in protecting the general public. There is information that is only available to providers, and they have a responsibility to share that information with the appropriate officials if a patient presents the threat of danger to themselves or others. There are circumstances when HIPAA does allow for the release of PHI without patient authorization.
The following are situations in which the Privacy Rule allows disclosures: when it is necessary for treatment, to protect public health, or if concern exists that the patient may do harm to another. Examples include child abuse or neglect; when the effectiveness of a product or activity regulated by the FDA is in question; when there is a risk of a person contracting or spreading a communicable disease; or if there is a threat to do harm to a person or group of people.
Recent meetings before the US House Oversight and Commerce Committee have proven that it is necessary to address the provisions that allow for disclosures. Providers need to be better informed as to situations when it is permitted, and even ethical, to report information to those who are legally authorized to receive it.
Healthcare professionals live in fear of violating HIPAA. Afraid of disclosing any PHI, they rarely even report information in one of the situations for which the rule makes an exception. It is important for health care providers to educate themselves. Consult with a healthcare attorney that is well versed in HIPAA and privacy laws. They will also know about recent court cases in which precedent has been set, as well as applicable state laws. Also, if a situation presents with a patient that is concerning to the provider, the attorney can provide advice on how to progress. Other helpful resources are professional societies and the Department for Health and Humans Services.
The best way to follow the laws set forth in HIPAA is to understand them. Don’t use HIPAA as shield. Know what the Privacy Rule restrictions are and identify how best to protect your patients while also protecting those around them.
Sources:Ouellette, Patrick. (April 30, 2013) Weighing HIPAA privacy standards vs. public safety. Health IT Security. Retrieved on May 7, 2013 from
http://healthitsecurity.com/2013/04/30/weighing-hipaa-privacy-standards-vs-public-safety/Rodriguez, Leon. (January 15, 2013) Message to Our Nation’s Health Care Providers. Department of Health and Human Services. Retrieved on May 7, 2013 from http://www.hhs.gov/ocr/office/lettertonationhcp.pdf
Public Health. (April 3, 2003.) US Department of Heath and Human Services. Retrieved on May 7, 2013
fromhttp://www.hhs.gov/ocr/privacy/hipaa/understanding/special/publichealth/Witnesses Voice HIPAA Concerns During Congressional Hearing. (April 29, 2013.) iHealthBeat. Retrieved on May 7, 2013 from