- RETIREMENT ANNOUNCEMENT
- HOME PAGE
- "MYCHART" the new patient portal
- BELMONT MEDICAL ASSOCIATES
- MOUNT AUBURN HOSPITAL
- EMERGENCIES
- PRACTICE PHILOSOPHY
- MY RESUME
- TELEMEDICINE CONSULTATION
- CONTACT ME
- LAB RESULTS
- ePRESCRIPTIONS
- eREFERRALS
- RECORD RELEASE
- MEDICAL SCRIBE
- PHYSICIAN ASSISTANT (PA)
- Medicare Annual Wellness Visit
- Case management/Social work
- Quality Care Measures
- Emergency closing notice
- FEEDBACK
- Talking to your doctor
- Choosing..... and losing a doctor
- INDEX A - Z
- ALLERGIC REACTIONS
- Alternative Medicine
- Alzheimer's Disease
- Bladder Problems
- Blood disorders
- Cancer Concerns
- GENETIC TESTING FOR HEREDITARY CANCER
- Chronic Obstructive Pulmonary Disease
- Controversial Concerns
- CPR : Learn and save a life
- CRP : Inflammatory marker
- Diabetes Management
- Dizziness, Vertigo,Tinnitus and Hearing Loss
- EXERCISE
- FEMALE HEALTH
-
GASTROINTESTINAL topics
- Appendicitis
- BRAT diet
- Celiac Disease or Sprue
- Crohn's Disease
- Gastroenterologists for Colon Cancer Screening
- Colonoscopy PREP
- Constipation
- Gluten sensitivity, but not celiac disease
- Heartburn and GERD
- Hemorrhoids and Anal fissure
- Irritable Bowel Syndrome (IBS)
- Inflammatory Bowel Disease
- NASH : Non Alcoholic Steato Hepatitis
- FEET PROBLEMS
- HEART RELATED topics
-
INFECTIOUS DISEASES
- Antibiotic Resistance
- Cat bites >
- Clostridia difficile infection - the "antibiotic associated germ"
- CORONA VIRUS
- Dengue Fever and Chikungunya Fever
- Food borne illnesses
- Shingles Vaccine
- Hepatitis B
- Hepatitis C
- Herpes
- Influenza
- Helicobacter pylori - the "ulcer germ"
- HIV Screening
- Lyme and other tick borne diseases
- Measles
- Meningitis
- MRSA (Staph infection)
- Norovirus
- Sexually Transmitted Diseases
- Shingles (Herpes Zoster)
- Sinusitis
- West Nile Virus
- Whooping Cough (Pertussis)
- Zika virus and pregnancy
- INSURANCE related topics
- KIDNEY STONES
- LEG CRAMPS
- LIBRARY for patients
- LIFE DECISIONS
- MALE HEALTH
- Medication/Drug side effects
- MEDICAL MARIJUANA
- MENTAL HEALTH
- Miscellaneous Articles
-
NUTRITION - EXERCISE - WEIGHT
- Cholesterol : New guidelines for treatment
- Advice to lower your cholesterol
- Cholesterol : Control
- Cholesterol : Raising your HDL Level
- Exercise
- Food : Making Smart Choices
- Food : Making Poor Choices
- Food : Grape Fruit and Drug Interaction
- Food : Vitamins, Minerals and Supplements
- Omega 3 fatty acids
- Vitamin B12 deficiency
- Vitamin D
- Weight Loss
- ORTHOPEDICS
- PAIN
- PATIENTS' RIGHTS
- SKIN
- SLEEP
- SMOKING
- STROKE
- THYROID
- SUBSTANCE ABUSE
- Travel and Vaccination
- TREMOR
- Warfarin Anticoagulation
- OTHER STUFF FOLLOWS
- Fact or Opinion?
- Hippocratic Oath
- FREE ADVICE.......for what its worth!
- LAUGHTER.....is the best medicine
- Physicians Pet Peeves
- PHOTO ALBUM - its not all work!
- Cape Town, South Africa
- Tribute page
- The 100 Club
- Free Wi-Fi
Patients' Privacy Rights and HIPAA
Patients have six fundamental rights:
1. The right to receive a notice about the doctor's privacy policies.
This notice will be similar to the form credit card companies or banks currently send to customers, indicating specifically how they use their personal information. The notice must include information about patients' rights under HIPAA, including the right to access the information the doctor maintains about them and the right to complain if they feel their rights have been violated. Although the doctor does not have to obtain a patient's consent to use their personal health information for treatment, they must at least make a good faith effort to acquire the patient's acknowledgment that they received notice of the doctor's privacy policies. A copy of the acknowledgment should be kept in the patient's file.
2. The right to access the medical information that is maintained.
On request, the doctor may provide a summary of the patient records or the records themselves, but they must do so within a specified time period. If they provide a copy of records, they may charge the patient a reasonable price for reproducing them. There are some exceptions under which the doctor may deny patients access to their records. However, if this is done, the decision must be reviewed by another licensed professional whom they have designated in their privacy policies and procedures.
3. The right to limit the uses and disclosure of medical information.
This includes limitations that can cause significant practical problems. For example, a patient may not want their diagnosis of cancer disclosed to a payer out of fear the information could reach their employer. If they are estranged from their family, they may not want any information (e.g., their phone number) disclosed to their siblings. A patient could also refuse to allow the doctor to report data to their health plan for quality assurance purposes (which is otherwise protected under the definition of "operations" for which the doctor does not need consent). Although this is a patient's right under HIPAA, reporting such data is also a requirement of most managed care contracts. The doctor is not obligated to agree to patients' restrictions, nor must they care for patients whose restrictions would interfere with their treatment. If the doctor agrees to the restrictions, they must document them and abide by them. If they don't agree to them, the patient will either have to relinquish the request or look elsewhere for care. If the patient chooses the latter, the doctor will have to adhere to their basic common law responsibilities of non-abandonment.
4. The right to request amendments to the medical record.
The privacy notice the doctor gives to patients must specify how they should make requests to amend their records (e.g., in writing). The doctor may refuse such a request for several reasons, including that the patient's record is accurate and complete. However, the patient does have the right to appeal. If the doctor agrees to amend the patient's record, they must notify the individual and others to whom they have provided the information that it has been amended.
5. The right to revoke or limit authorization.
If the doctor's practice uses or discloses personal health information for any reason other than TPO, they must obtain a specific "authorization" from the patient. This is a form that states what information will be disclosed and how it will be done. Special rules apply for clinical trials or research data. Psychotherapy notes may only be disclosed subject to authorization. Parental access to minors' medical records will continue to be controlled by state law.
6. The right to an accounting of disclosures of PHI.
According to the privacy rule, patients can ask to see what disclosures have been made during the past six years only. .
Keeping Patients’ Details Private, Even From Kin
By Jane Gross : NY Times Article : July 3, 2007
An emergency room nurse in Palos Heights, Ill., told Gerard Nussbaum he could not stay with his father-in-law while the elderly man was being treated after a stroke. Another nurse threatened Mr. Nussbaum with arrest for scanning his relative’s medical chart to prove to her that she was about to administer a dangerous second round of sedatives.
The nurses who threatened him with eviction and arrest both made the same claim, Mr. Nussbaum said: that access to his father-in-law and his medical information were prohibited under the Health Insurance Portability and Accountability Act, or HIPAA, as the federal law is known.
Mr. Nussbaum, a health care and HIPAA consultant, knew better and stood his ground. Nothing in the law prevented his involvement. But the confrontation drove home the way HIPAA is misunderstood by medical professionals, as well as the frustration — and even peril — that comes in its wake.
Government studies released in the last few months show the frustration is widespread, an unintended consequence of the 1996 law.
Hipaa was designed to allow Americans to take their health insurance coverage with them when they changed jobs, with provisions to keep medical information confidential. But new studies have found that some health care providers apply HIPAA regulations over zealously, leaving family members, caretakers, public health and law enforcement authorities stymied in their efforts to get information.
Experts say many providers do not understand the law, have not trained their staff members to apply it judiciously, or are fearful of the threat of fines and jail terms — although no penalty has been levied in four years.
Some reports blame the language of the law itself, which says health care providers may share information with others unless the patient objects, but does not require them to do so. Thus, disclosures are voluntary and health care providers are left with broad discretion.
The unnecessary secrecy is a “significant problem,” said Mark Rothstein, chairman of a privacy subcommittee that advises the Department of Health and Human Services, which administers HIPAA. “It’s drummed into them that there are rules they have to follow without any perspective,” he said about health care providers. “So, surprise, surprise, they approach it in a defensive, somewhat arbitrary and unreasonable way.”
Susan McAndrew, deputy director of health information privacy at the Department of Health and Human Services, said that problems were less frequent than they once had been but that health care providers continued to hide behind the law. “Either innocently or purposefully, entities often use this as an excuse,” she said. “They say ‘HIPAA made me do it’ when, in fact, they chose for other reasons not to make the permitted disclosures.”
Mr. Rothstein, one of HIPAA’s harshest critics, has led years of hearings across the country. Transcripts of those hearings, and accounts from hospital administrators, patient advocates, lawyers, family members, and law enforcement officials offer an anthology of HIPAA misinterpretations, some alarming, some annoying:
¶Birthday parties in nursing homes in New York and Arizona have been canceled for fear that revealing a resident’s date of birth could be a violation.
¶Patients were assigned code names in doctor’s waiting rooms — say, “Zebra” for a child in Newton, Mass., or “Elvis” for an adult in Kansas City, Mo. — so they could be summoned without identification.
¶Nurses in an emergency room at St. Elizabeth Health Center in Youngstown, Ohio, refused to telephone parents of ailing students themselves, insisting a friend do it, for fear of passing out confidential information, the hospital’s patient advocate said.
¶State health departments throughout the country have been slowed in their efforts to create immunization
Teaching staff to protect records is easier than teaching them to share them, said Robert N. Swidler, general counsel for Northeast Health, a nonprofit network in Troy, N.Y., that includes several hospitals.
“Over time, the staff has become a little more flexible and humane,” Mr. Swidler said. “But nurses aren’t lawyers. This is a hyper-technical law and it tells them they may disclose but doesn’t say they have to.”
Many experts, including critics like Mr. Rothstein and proponents like Ms. McAndrew, distinguish different categories of secrecy.
There are “good faith nondisclosures,” as when a floor nurse takes a phone call from someone claiming to be a family member but cannot verify that person’s identity. Then there are “bad faith nondisclosures,” like using HIPAA as an excuse for not taking the time to gather records that public health officials need to help child abuse investigators trying to build a case.
Most common are seat-of-the-pants decisions made by employees who feel safer saying “no” than “yes” in the face of ambiguity.
That seemed to be what happened to his own mother, Mr. Rothstein said, when she called her doctor’s office to discuss a problem. She was told by the receptionist that the doctor was not available, Mr. Rothstein said, and then inquired if the doctor was with a patient or out of the office. “I can’t tell you because of HIPAA,” came the reply. In fact the doctor was home sick, which would have been helpful information in deciding whether to wait for a call back or head for the emergency room.
The law, medical professionals and privacy experts said, has had the positive effect of making confidentiality a priority as the nation moves toward fully computerized, cradle-to-grave medical records.
But safeguarding electronic privacy required a tangle of regulations issued in 2003, followed last year by 101 pages of “administrative simplification.”
Senator Edward M. Kennedy, Democrat of Massachusetts, a sponsor of the original insurance portability law, was dismayed by the “bizarre hodgepodge” of regulations layered onto it, several staff members said, and by the department’s failure to provide “adequate guidance on what is and is not barred by the law.” To that end, Mr. Kennedy, along with Senator Patrick M. Leahy, Democrat of Vermont, plans to introduce legislation creating an office within the Department of Health and Human Services dedicated to interpreting and enforcing medical privacy.
“In this electronic era it is essential to safeguard the privacy of medical records while insuring our privacy laws do not stifle the flow of information fundamental to effective health care,” Mr. Kennedy said.
This spring, the department revised its Web site, www.hhs.gov/ocr/hipaa, in the interest of clarity. But HIPAA continues to baffle even the experts.
Ms. McAndrew explained some of the do’s and don’ts of sharing information in a telephone interview:
- Medical professionals can talk freely to family and friends, unless the patient objects. No signed authorization is necessary and the person receiving the information need not have the legal standing of, say, a health care proxy or power of attorney.
- As for public health authorities or those investigating crimes like child abuse, HIPAA defers to state laws, which often, though not always, require such disclosure.
- Medical workers may not reveal confidential information about a patient or case to reporters, but they can discuss general health issues.
Ms. McAndrew said there was no way to know how often information was withheld. Of the 27,778 privacy complaints filed since 2003, the only cases investigated, she said, were complaints filed by patients who were denied access to their own information, the one unambiguous violation of the law.
Complaints not investigated include the plights of adult children looking after their parents from afar. Experts say family members frequently hear, “I can’t tell you that because of Hipaa,” when they call to check on the patient’s condition.
That is what happened to Nancy Banks, who drove from Bartlesville, Okla., to her mother’s bedside at Town and Country Hospital in Tampa, Fla., last week because Ms. Banks could not find out what she needed to know over the telephone.
Her 82-year-old mother had had a stroke. When Ms. Banks called her room she heard her mother “screaming and yelling and crying,” but conversation was impossible. So Ms. Banks tried the nursing station.
Whoever answered the phone was not helpful, so Ms. Banks hit the road. Twenty-two hours later, she arrived at the hospital.
But more of the same awaited her. She said her mother’s nurse told her that “because of the Hipaa laws I can get in trouble if I tell you anything.”
In the morning, she could speak to the doctor, she was told.
The next day, Ms. Banks was finally informed that her mother had had heart failure and that her kidneys were shutting down.
“I understand privacy laws, but this has gone too far,” Ms. Banks said. “I’m her daughter. This isn’t right.”
A hospital spokeswoman, Elena Mesa, was asked if nurses were following Hipaa protocol when they denied adult children information about their parents.
She could not answer the question, Ms. Mesa said, because Hipaa prevented her from such discussions with the press.
Dan Frosch contributed reporting from Denver, and Thayer Evans from Houston
Should Patients Read the Doctor’s Notes?
By Pauline W. Chen, MD : NY Times : July 22, 2010
Their request seemed simple enough: the patient and his wife, both in their 70s, wanted a copy of what I’d written in their medical file. During their visit, I had watched them refer to a well-thumbed collection of doctors’ notes and medication lists, so when they asked for a copy of my note just before leaving, I assumed it would simply be added to the others.
But when I mentioned the request to one of the nurses outside the exam room a few minutes later, her eyes grew wide.
“Oh no, you can’t do that,” she said, shaking her head. “I don’t think it’s legal.” The other doctors and nurses, attention piqued, moved closer to listen. “Send them to medical records,” she urged. “He can sign the release papers there.”
Another nurse in the growing crowd offered her own advice. “Do you know what’s going to happen if you give them a copy now?” she asked. “They’re going to start calling and e-mailing you with questions about what you wrote.”
The doctors and nurses began clucking in agreement. “Think about it for a second, Pauline,” one doctor said with voice lowered. “Maybe they are thinking of suing you.”
There was a collective gasp from the group now gathered around me; and I could guess what they were thinking as they craned their necks to peer into the exam room where my elderly patient was busy fussing with his papers as his wife stood adjusting the canvas fishing hat on his head.
The barbarians are at the gate.
For 40 years, the tension over patient access has been playing out in hospitals, clinics and doctors’ offices. Although medical records have always been accessible to clinicians, payers, auditors and even researchers, it was not until the 1970s that a few states began giving patients the same rights.
While a handful of physicians were vocal supporters of these early efforts, the majority of doctors were far less enthusiastic. They worried that their notes might become a source of unnecessary stress for patients. Read without an experienced clinician’s interpretation, slight abnormalities like an elevated cell count from a viral infection could turn into a life-threatening cancer in the eyes of patients.
Even routine abbreviations and jargon like “S.O.B.” (shortness of breath) and “anorexic” (a general lack of appetite, not the disease anorexia nervosa) could be confusing at best and inadvertently demeaning at worst. Doctors, already pressed for time, shuddered at the idea of suddenly being responsible for the worries of a reading public.
In 1996, despite these concerns, the Health Insurance Portability and Accountability Act, or HIPAA, gave all patients the legal right to read and even amend their own medical records. At the time, a group of national health care experts hailed this new transparency as a necessary component of better and safer care.
But today, few patients have ever laid eyes on their own records. And those who try often come back from their missions with tales of bureaucratic obstacles, ranging from exorbitant copying costs to diffident administrators. The same concerns from 40 years ago come up again and again, with little evidence to support or refute the claims of either side. Should medical records be shared as interactive documents between patients and physicians? Can transparency work, or will it end up worrying patients, muddling the patient-doctor relationship and adding more work to an already overburdened primary care work force?
Now, according to the latest issue of the Annals of Internal Medicine, the answers to these questions may finally be answered in a year’s time.
This summer, researchers have begun the largest study to date of open access, aptly named Open Notes, involving over 100 primary care physicians and approximately 25,000 patients from three health care centers — the Beth Israel Deaconess Medical Center in Boston, the Geisinger Health System in Danville, Pa., and the Harborview Medical Center in Seattle. In the study, patients who have just seen their doctors will receive an e-mail message directing them to a secure Web site where they can view the signed physician notes. Patients will receive a second e-mail message two weeks prior to any return visit, reminding them that the notes from their previous visit are available for review.
Over the course of the yearlong study, funded by the Robert Wood Johnson Foundation, the Open Notes investigators hope to analyze the expectations and experiences of patients and physicians, as well as examine the number of additional phone calls, e-mail messages and visits that may arise as a result of more patients viewing their doctors’ notes. In addition, a public survey on the journal’s Web site will assess the opinions of any patient or doctor not enrolled in the study.
“We have one simple research question,” said Dr. Tom Delbanco, a lead investigator who is a primary care physician at the Beth Israel Deaconess Medical Center. “After a year, will the patients and doctors still want to continue sharing notes?”
While enrolling patients in the study has not been difficult, finding physicians who are willing to participate has been more challenging. A few doctors were quick to sign on, but “most physicians were ambivalent at best,” noted Jan Walker, a registered nurse and health services researcher at Beth Israel Deaconess who is the study’s other lead investigator. Many physicians were worried about workload and issues of clarity.
“The note is really a story,” said Dr. Sara B. Fazio, a primary care physician at Beth Israel Deaconess who hesitated at first but is now one of the participating doctors. “The meaning of a story depends on the storyteller. Just because I write something down as my version of the facts doesn’t mean that they will be the absolute facts or that another person could not interpret those facts differently.” While physicians recognize that such differences in interpretation occur frequently, particularly across different specialties, patients may not. “A doctor’s note could come across in a very unexpected way to a patient even when the doctor wrote it with the best of intentions,” Dr. Fazio said.
The researchers are hopeful that their study will help to settle many of the longstanding issues regarding open access, but one thing has already become apparent. For at least a few of those involved, the once sharply demarcated lines of the decades old tension have begun to fade. It is no longer so clear who exactly stands on what side of the medical records wall.
“In the end,” Dr. Fazio said in an e-mail message, “we are all patients — if not now, then someday — and from that perspective it is easy to see the many reasons why this is a step in the right direction.”
She added, “I suspect the physician in me will eventually be won over by that perspective given a little time.”
Guarding Privacy May Not Always Protect Patients
By Perri Klass, MD : NY Times : July 11, 2011
Many years ago, I helped persuade a teenage patient to tell her parents that she was sexually active. She had been hospitalized with a sexually transmitted infection, and it seemed clear that they must be suspicious. They were concerned, too, and they didn’t seem crazy.
So against her better judgment, she told her parents her diagnosis. Her father’s reaction was to inform her that once she got out of the hospital, she was no longer welcome to return home.
Juggling parental concern with an adolescent patient’s legal and ethical right to privacy opens up some tricky questions. The law varies state by state, but many, including New York, allow minors to consent by themselves to medical care involving such sensitive needs as contraception, pregnancy, sexually transmitted diseases and mental health.
Clinics for adolescents are keenly conscious that the promise of confidential care is essential to gain and hold their young patients’ trust. But in those same clinics, doctors often try to convince teenagers to bring parents into the conversation.
We warn our patients that confidentiality will be broken if there is an imminent risk of serious harm or death. But it’s not always that clear-cut. What to do with the adolescent who tells you something worrisome but not clearly over the line? Who is not crying out for help and support, but admits to sampling amphetamines, say, or sees regular cocaine use as nothing unusual?
A 15-year-old girl came to see a colleague of mine for a routine checkup. She turned out to be pregnant. When the doctor asked about her sexual activity, the girl flatly denied any at all. And no, she didn’t want the doctor to speak to her mother.
When promising confidentiality to an adolescent patient, a physician must set certain limits: “If I hear something that makes me worry that you might not be safe, I will have to tell someone and make sure you get help.” That’s the loophole the doctor will invoke if a young patient is suicidal, for example, or manifests an out-of-control eating disorder.
But in a case like this, nothing was clear. Was the girl in denial — or in danger? Maybe she was being abused. Maybe she was scared to say how she got pregnant.
Sometimes as a physician, you decide that whatever you’ve heard is just too scary. You tell the young patient why, and you break confidentiality. My colleague ended up calling child protection services and eventually contacting the child’s mother.
More often, the doctor is called upon to carry out a more subtle strategy. Sometimes you say, “I won’t tell your parents any details, but I am going to tell them that I’m concerned about you and that they need to talk to you about what’s going on in your life.”
Sometimes you cut a deal: “I won’t tell your parents, but you have to talk to a therapist.” And sometimes you do what internists do — counsel, warn, advise — and then watch the patient leave the room and wonder what will happen next.
College students over age 18 are generally entitled to full adult confidentiality, but that doesn’t always make it simpler for their doctors. When something goes wrong, their parents often are still the safety net and support.
“In the vast majority of cases when we’re working with a student who has some sort of medical or mental health news, they want their parents involved and we are able to communicate freely,” said Dr. Sarah Van Orman, executive director of University Health Services at the University of Wisconsin, Madison, and vice president of the board of directors of the American College Health Association.
But the more problematic cases arise when mental health issues are involved, especially eating disorders. With drug and alcohol use, colleges have worried that the specter of parental notification can be so terrifying that college students won’t call for help if they think it may lead to parents finding out about the circumstances.
Some campuses have instituted “medical amnesty” or “good Samaritan” policies; If one student seeks help for another because of concerns about alcohol toxicity, there will be no consequences for either for violating campus rules.
Parents sometimes worry about confidentiality, about whether important family secrets are being revealed in the pediatrician’s office. Doctors, in our turn, are troubled about the conversations that are not happening between parents and children: the questions that go unasked, the behaviors that go unremarked, the subjects that go undiscussed.
Dr. Van Orman pointed out that as part of sending children off to college, parents should discuss the issues that might come up and make it clear that they want to stay involved. “We need to say to families, talk to their students,” she said.
In my first or second year teaching undergraduates, a student e-mailed me to say her life was falling apart. In class that day, I tried to figure out a response. My mind kept running over medical assessment questions that, as her teacher, I had no right to ask.
After class, I told her that I was worried about her. The academic stress seemed to be getting to her, I said. She nodded and agreed to visit the campus health clinic. I walked her over.
But as she went in, I realized that no one would ever call me and report back. Someone else would ask all the questions I had been contemplating: family, friends, love life, living situation. Her medical and psychiatric history.
I would never know the answers, and why should I? I was her professor, and like her parents, I was now on the other side of the wall.
Hipaa’s Use as Code of Silence Often Misinterprets the Law
Paula Span : NY Times : July 17, 2015
How do people use, misuse or abuse Hipaa, the federal regulations protecting patients’ confidential health information? Let us count the ways:
■ Last month, in a continuing care retirement community in Ithaca, N.Y., Helen Wyvill, 72, noticed that a friend hadn’t shown up for their regular swim. She wasn’t in her apartment, either.
Had she gone to a hospital? Could friends visit or call? Was anyone taking care of the dog?
Questions to the staff brought a familiar nonresponse: Nobody could provide any information because of Hipaa.
“The administration says they have to abide by the law, blah, blah,” Ms. Wyvill said. “They won’t even tell you if somebody has died.”
■ Years ago, Patricia Gross, then 56, and a close friend had taken refuge in a cafe at Brigham and Women’s Hospital in Boston, where Ms. Gross’s husband was dying of cancer. She was lamenting his inadequately treated pain and her own distress when a woman seated at a nearby table walked over.
“She told me how very improper it was to be discussing the details of a patient’s treatment in public and that it was a Hipaa violation,” Ms. Gross recalled.
■ In 2012, Ericka Gray repeatedly phoned the emergency room at York Hospital in York, Pa., where her 85-year-old mother had gone after days of back pain, to alert the staff to her medical history. “They refused to take the information, citing Hipaa,” said Ms. Gray, who was in Chicago on a business trip.
“I’m not trying to get any information. I’m trying to give you information,” Ms. Gray told them, adding that because her mother’s memory was impaired, she couldn’t supply the crucial facts, like medication allergies.
By the time Ms. Gray found a nurse willing to listen, hours later, her mother had already been prescribed a drug she was allergic to. Fortunately, the staff hadn’t administered it yet.
Each scenario, attorneys say, involves a misinterpretation of the privacy rules created under the Health Insurance Portability and Accountability Act. “It’s become an all-purpose excuse for things people don’t want to talk about,” said Carol Levine, director of the United Hospital Fund’s Families and Health Care Project, which has published a Hipaa guide for family caregivers.
Intended to keep personal health information private, the law does not prohibit health care providers from sharing information with family, friends or caregivers unless the patient specifically objects. Even if he or she is not present or is incapacitated, providers may use “professional judgment” to disclose pertinent information to a relative or friend if it’s “in the best interests of the individual.”
Hipaa applies only to health care providers, health insurers, clearinghouses that manage and store health data, and their business associates. Yet when I last wrote about this topic, a California reader commented that she’d heard a minister explain that the names of ailing parishioners could no longer appear in the church bulletin because of Hipaa.
Wrong. Neither a church nor a distraught spouse is a “covered entity” under the law.
Last month, Representative Doris Matsui, Democrat of California and co-chairwoman of the Democratic Caucus Seniors Task Force, who has heard similar complaints from constituents, introduced legislation to clarify who can divulge what and under what circumstances. The proposed bill would require the Department of Health and Human Services, which last year issued new Hipaa “guidance,” to make that statement part of its regulations and to create model training programs for providers and administrators, patients and families.
“A lot of times it’s just misunderstanding what is and isn’t allowed under Hipaa,” Representative Matsui said in an interview.
So, what is and isn’t?
Family members can provide information, as Ms. Gray attempted to do. “How does keeping information confidential stop you from listening to someone?” said Eric Carlson, the directing attorney for Justice in Aging, a legal advocacy group in California. “There’s no Hipaa privacy consideration there.”
An assisted living facility or nursing home can report a death. It can also give someone’s general condition and location, assuming the patient remains within the facility. And if, as Ms. Wyvill suggested, residents ask administrators to keep a list of those who want their neighbors to know they’ve gone to a hospital, that’s perfectly legal under Hipaa.
The law gives providers flexibility in disclosing information in the patient’s interest, but it doesn’t require them to. Clinton Mikel, chairman of an American Bar Association group on e-health and privacy, said that providers sometimes decided, “‘We could, but we’re not required to, and we think this situation is a mess, so we’re going to exercise that option.”
A caregiver’s strongest defense, Mr. Mikel said, is to be the patient’s personal representative — a health care proxy or guardian, or with power of attorney — or to have the patient authorize the release of information. In such cases, providers must comply.
Hipaa doesn’t require patients to give consent in writing. They can verbally ask that a relative or friend receive information. Facilities may legally demand a signature on a form, nonetheless, and many do.
Staff members’ fears of the consequences of an unintended Hipaa violation are probably overblown. Patients can complain to the Health and Human Services Office for Civil Rights, which lately has intensified enforcement of many aspects of the privacy rules, Mr. Mikel said.
Still, the civil rights office “is not in the gotcha game,” he said. The office generally tries to resolve complaints by fixing problems, not levying penalties.
“Do I see it going after a health care provider for disclosing something to a family member in good faith? I don’t,” Mr. Mikel said. An assisted living staff member or hospital aide isn’t likely to lose her job.
Another common complaint about Hipaa enforcement, by the way, is the lack of access to patients’ own health records, which they have a right to see or copy, though providers can charge copying fees.
Within families, decisions about how much health information to share, and with whom, often become complicated, as a recent study in JAMA Internal Medicine found. When researchers working to design online patient portals convened two sets of focus groups — one for people over age 75, another for family caregivers — they heard the usual tension between older adults’ need for assistance and their desire for autonomy.
“Seniors say, ‘I don’t want to burden my kids with my medical issues,’ ” said Bradley Crotty, the director of patient portals at Beth Israel Deaconess Medical Center in Boston and the study’s lead author. “And the family is saying, ‘I’m already worried. Not knowing is the burden.’ ”
The older group wanted help but not second-guessing or “spying,” Dr. Crotty added. They might agree to disclose the medications they take — just not all of them.
Moreover, the dynamic often changes with increasing disability or a health crisis.
“Say a senior has a serious medical condition — a stroke, for instance — and requires a lot of help and support,” Dr. Crotty said. “He could recover enough to want to take back control of his health information. It may go back and forth.”
Such negotiations require continuing discussions of what patients want to divulge and what families need to know. Personal relationships are tricky terrain.
The law, on the other hand, is comparatively straightforward.
“Providers may be disinclined to give out information anyway, and this provides an easy rationale,” Mr. Carlson, the Justice in Aging lawyer, said. “But Hipaa is more common-sense than people give it credit for.”
Paula Span : NY Times : July 17, 2015
How do people use, misuse or abuse Hipaa, the federal regulations protecting patients’ confidential health information? Let us count the ways:
■ Last month, in a continuing care retirement community in Ithaca, N.Y., Helen Wyvill, 72, noticed that a friend hadn’t shown up for their regular swim. She wasn’t in her apartment, either.
Had she gone to a hospital? Could friends visit or call? Was anyone taking care of the dog?
Questions to the staff brought a familiar nonresponse: Nobody could provide any information because of Hipaa.
“The administration says they have to abide by the law, blah, blah,” Ms. Wyvill said. “They won’t even tell you if somebody has died.”
■ Years ago, Patricia Gross, then 56, and a close friend had taken refuge in a cafe at Brigham and Women’s Hospital in Boston, where Ms. Gross’s husband was dying of cancer. She was lamenting his inadequately treated pain and her own distress when a woman seated at a nearby table walked over.
“She told me how very improper it was to be discussing the details of a patient’s treatment in public and that it was a Hipaa violation,” Ms. Gross recalled.
■ In 2012, Ericka Gray repeatedly phoned the emergency room at York Hospital in York, Pa., where her 85-year-old mother had gone after days of back pain, to alert the staff to her medical history. “They refused to take the information, citing Hipaa,” said Ms. Gray, who was in Chicago on a business trip.
“I’m not trying to get any information. I’m trying to give you information,” Ms. Gray told them, adding that because her mother’s memory was impaired, she couldn’t supply the crucial facts, like medication allergies.
By the time Ms. Gray found a nurse willing to listen, hours later, her mother had already been prescribed a drug she was allergic to. Fortunately, the staff hadn’t administered it yet.
Each scenario, attorneys say, involves a misinterpretation of the privacy rules created under the Health Insurance Portability and Accountability Act. “It’s become an all-purpose excuse for things people don’t want to talk about,” said Carol Levine, director of the United Hospital Fund’s Families and Health Care Project, which has published a Hipaa guide for family caregivers.
Intended to keep personal health information private, the law does not prohibit health care providers from sharing information with family, friends or caregivers unless the patient specifically objects. Even if he or she is not present or is incapacitated, providers may use “professional judgment” to disclose pertinent information to a relative or friend if it’s “in the best interests of the individual.”
Hipaa applies only to health care providers, health insurers, clearinghouses that manage and store health data, and their business associates. Yet when I last wrote about this topic, a California reader commented that she’d heard a minister explain that the names of ailing parishioners could no longer appear in the church bulletin because of Hipaa.
Wrong. Neither a church nor a distraught spouse is a “covered entity” under the law.
Last month, Representative Doris Matsui, Democrat of California and co-chairwoman of the Democratic Caucus Seniors Task Force, who has heard similar complaints from constituents, introduced legislation to clarify who can divulge what and under what circumstances. The proposed bill would require the Department of Health and Human Services, which last year issued new Hipaa “guidance,” to make that statement part of its regulations and to create model training programs for providers and administrators, patients and families.
“A lot of times it’s just misunderstanding what is and isn’t allowed under Hipaa,” Representative Matsui said in an interview.
So, what is and isn’t?
Family members can provide information, as Ms. Gray attempted to do. “How does keeping information confidential stop you from listening to someone?” said Eric Carlson, the directing attorney for Justice in Aging, a legal advocacy group in California. “There’s no Hipaa privacy consideration there.”
An assisted living facility or nursing home can report a death. It can also give someone’s general condition and location, assuming the patient remains within the facility. And if, as Ms. Wyvill suggested, residents ask administrators to keep a list of those who want their neighbors to know they’ve gone to a hospital, that’s perfectly legal under Hipaa.
The law gives providers flexibility in disclosing information in the patient’s interest, but it doesn’t require them to. Clinton Mikel, chairman of an American Bar Association group on e-health and privacy, said that providers sometimes decided, “‘We could, but we’re not required to, and we think this situation is a mess, so we’re going to exercise that option.”
A caregiver’s strongest defense, Mr. Mikel said, is to be the patient’s personal representative — a health care proxy or guardian, or with power of attorney — or to have the patient authorize the release of information. In such cases, providers must comply.
Hipaa doesn’t require patients to give consent in writing. They can verbally ask that a relative or friend receive information. Facilities may legally demand a signature on a form, nonetheless, and many do.
Staff members’ fears of the consequences of an unintended Hipaa violation are probably overblown. Patients can complain to the Health and Human Services Office for Civil Rights, which lately has intensified enforcement of many aspects of the privacy rules, Mr. Mikel said.
Still, the civil rights office “is not in the gotcha game,” he said. The office generally tries to resolve complaints by fixing problems, not levying penalties.
“Do I see it going after a health care provider for disclosing something to a family member in good faith? I don’t,” Mr. Mikel said. An assisted living staff member or hospital aide isn’t likely to lose her job.
Another common complaint about Hipaa enforcement, by the way, is the lack of access to patients’ own health records, which they have a right to see or copy, though providers can charge copying fees.
Within families, decisions about how much health information to share, and with whom, often become complicated, as a recent study in JAMA Internal Medicine found. When researchers working to design online patient portals convened two sets of focus groups — one for people over age 75, another for family caregivers — they heard the usual tension between older adults’ need for assistance and their desire for autonomy.
“Seniors say, ‘I don’t want to burden my kids with my medical issues,’ ” said Bradley Crotty, the director of patient portals at Beth Israel Deaconess Medical Center in Boston and the study’s lead author. “And the family is saying, ‘I’m already worried. Not knowing is the burden.’ ”
The older group wanted help but not second-guessing or “spying,” Dr. Crotty added. They might agree to disclose the medications they take — just not all of them.
Moreover, the dynamic often changes with increasing disability or a health crisis.
“Say a senior has a serious medical condition — a stroke, for instance — and requires a lot of help and support,” Dr. Crotty said. “He could recover enough to want to take back control of his health information. It may go back and forth.”
Such negotiations require continuing discussions of what patients want to divulge and what families need to know. Personal relationships are tricky terrain.
The law, on the other hand, is comparatively straightforward.
“Providers may be disinclined to give out information anyway, and this provides an easy rationale,” Mr. Carlson, the Justice in Aging lawyer, said. “But Hipaa is more common-sense than people give it credit for.”